mirror of https://github.com/fail2ban/fail2ban
added few sections (patches + adjusted jail.conf shipped with Debian)
parent
641cd14a40
commit
cd46343d11
|
@ -40,6 +40,7 @@ action = iptables[name=%(__name__)s, port=%(port)s]
|
|||
#
|
||||
# in /etc/fail2ban/jail.local
|
||||
#
|
||||
|
||||
[ssh-iptables]
|
||||
|
||||
enabled = true
|
||||
|
@ -48,6 +49,10 @@ filter = sshd
|
|||
logpath = /var/log/auth.log
|
||||
maxretry = 6
|
||||
|
||||
#
|
||||
# HTTP servers
|
||||
#
|
||||
|
||||
[apache-iptables]
|
||||
|
||||
enabled = false
|
||||
|
@ -56,14 +61,9 @@ filter = apache-auth
|
|||
logpath = /var/log/apache*/*access.log
|
||||
maxretry = 6
|
||||
|
||||
|
||||
[postfix-iptables]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
filter = postfix
|
||||
logpath = /var/log/postfix.log
|
||||
|
||||
#
|
||||
# FTP servers
|
||||
#
|
||||
|
||||
[vsftpd-iptables]
|
||||
|
||||
|
@ -74,6 +74,26 @@ logpath = /var/log/auth.log
|
|||
maxretry = 6
|
||||
|
||||
|
||||
[proftpd-iptables]
|
||||
|
||||
enabled = false
|
||||
port = ftp
|
||||
filter = proftpd
|
||||
logpath = /var/log/proftpd/proftpd.log
|
||||
maxretry = 6
|
||||
|
||||
#
|
||||
# Mail servers
|
||||
#
|
||||
|
||||
[postfix-iptables]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
filter = postfix
|
||||
logpath = /var/log/postfix.log
|
||||
|
||||
|
||||
[couriersmtp-iptables]
|
||||
|
||||
enabled = false
|
||||
|
@ -81,3 +101,10 @@ port = smtp
|
|||
filter = couriersmtp
|
||||
logpath = /var/log/mail.log
|
||||
|
||||
|
||||
[sasl-iptables]
|
||||
|
||||
enabled = false
|
||||
port = smtp
|
||||
filter = sasl
|
||||
logpath = /var/log/mail.log
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
X00_rigid_python24
|
||||
X00_apache_log_failregex
|
||||
10_dbts_manpages
|
||||
10_proftpd_section
|
||||
10_sasl_section
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
#! /bin/sh /usr/share/dpatch/dpatch-run
|
||||
## 10_proftpd_section.dpatch by <debian@onerussian.com>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad fail2ban-0.7.3~/config/filter.d/proftpd.conf fail2ban-0.7.3/config/filter.d/proftpd.conf
|
||||
--- fail2ban-0.7.3~/config/filter.d/proftpd.conf 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ fail2ban-0.7.3/config/filter.d/proftpd.conf 2006-09-29 00:11:33.000000000 -0400
|
||||
@@ -0,0 +1,14 @@
|
||||
+# Fail2Ban configuration file
|
||||
+#
|
||||
+# Author: Yaroslav Halchenko
|
||||
+#
|
||||
+# $Revision: 331 $
|
||||
+#
|
||||
+
|
||||
+[Definition]
|
||||
+
|
||||
+# Option: failregex
|
||||
+# Notes.: regex to match the password failures messages in the logfile.
|
||||
+# Values: TEXT Default: Authentication failure|Failed password|Invalid user
|
||||
+#
|
||||
+failregex = USER \S+: no such user found from \S* ?\[(?P<host>\S+)\] to \S+\s*$
|
|
@ -0,0 +1,25 @@
|
|||
#! /bin/sh /usr/share/dpatch/dpatch-run
|
||||
## 10_sasl_section.dpatch by <debian@onerussian.com>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad fail2ban-0.7.3~/config/filter.d/sasl.conf fail2ban-0.7.3/config/filter.d/sasl.conf
|
||||
--- fail2ban-0.7.3~/config/filter.d/sasl.conf 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ fail2ban-0.7.3/config/filter.d/sasl.conf 2006-09-29 00:18:19.000000000 -0400
|
||||
@@ -0,0 +1,14 @@
|
||||
+# Fail2Ban configuration file
|
||||
+#
|
||||
+# Author: Yaroslav Halchenko
|
||||
+#
|
||||
+# $Revision: 331 $
|
||||
+#
|
||||
+
|
||||
+[Definition]
|
||||
+
|
||||
+# Option: failregex
|
||||
+# Notes.: regex to match the password failures messages in the logfile.
|
||||
+# Values: TEXT Default: Authentication failure|Failed password|Invalid user
|
||||
+#
|
||||
+failregex = : warning: [-._\w]+\[(?P<host>[.\d]+)\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed$
|
Loading…
Reference in New Issue