github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

DOC: move named and mysql instructions into the filters from jail.conf

pull/409/head
Daniel Black 2013-10-30 21:12:16 +11:00
parent 7ab909d056
commit de9977441a
3 changed files with 24 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/filter.d/mysqld-auth.conf
View File

@ -3,6 +3,11 @@
# Authors: Artur Penttinen # Authors: Artur Penttinen
# Yaroslav O. Halchenko # Yaroslav O. Halchenko
# #
# To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld]:
# log-error=/var/log/mysqld.log
# log-warning = 2
#
# If using mysql syslog [mysql_safe] has syslog in /etc/my.cnf
[INCLUDES] [INCLUDES]

16
config/filter.d/named-refused.conf
View File

@ -4,7 +4,23 @@
# #
# Author: Yaroslav Halchenko # Author: Yaroslav Halchenko
# #
# This filter blocks attacks against named (bind9).
# #
# By default, logging is off
# with bind9 installation. You will need something like this:
#
# logging {
# channel security_file {
# file "/var/log/named/security.log" versions 3 size 30m;
# severity dynamic;
# print-time yes;
# };
# category security {
# security_file;
# };
# };
#
# in your named.conf to provide proper logging.
[Definition] [Definition]

24
config/jail.conf
View File

@ -306,23 +306,6 @@ logpath = /var/log/auth.log
ignoreip = 168.192.0.1 ignoreip = 168.192.0.1
# These jails block attacks against named (bind9). By default, logging is off
# with bind9 installation. You will need something like this:
#
# logging {
# channel security_file {
# file "/var/log/named/security.log" versions 3 size 30m;
# severity dynamic;
# print-time yes;
# };
# category security {
# security_file;
# };
# };
#
# in your named.conf to provide proper logging.
# This jail blocks UDP traffic for DNS requests.
# !!! WARNING !!! # !!! WARNING !!!
# Since UDP is connection-less protocol, spoofing of IP and imitation # Since UDP is connection-less protocol, spoofing of IP and imitation
# of illegal actions is way too simple. Thus enabling of this filter # of illegal actions is way too simple. Thus enabling of this filter
@ -331,6 +314,8 @@ ignoreip = 168.192.0.1
# http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html
# Please DO NOT USE this jail unless you know what you are doing. # Please DO NOT USE this jail unless you know what you are doing.
# #
# IMPORTANT: see filter.d/named-refused for instructions to enable logging
# This jail blocks UDP traffic for DNS requests.
# [named-refused-udp] # [named-refused-udp]
# #
# enabled = false # enabled = false
@ -340,6 +325,7 @@ ignoreip = 168.192.0.1
# logpath = /var/log/named/security.log # logpath = /var/log/named/security.log
# ignoreip = 168.192.0.1 # ignoreip = 168.192.0.1
# IMPORTANT: see filter.d/named-refused for instructions to enable logging
# This jail blocks TCP traffic for DNS requests. # This jail blocks TCP traffic for DNS requests.
[named-refused-tcp] [named-refused-tcp]
@ -385,9 +371,6 @@ logpath = /var/log/asterisk/messages
maxretry = 10 maxretry = 10
# To log wrong MySQL access attempts add to /etc/my.cnf:
# log-error=/var/log/mysqld.log
# log-warning = 2
[mysqld-iptables] [mysqld-iptables]
enabled = false enabled = false
@ -398,7 +381,6 @@ logpath = /var/log/mysqld.log
maxretry = 5 maxretry = 5
# If using mysql syslog [mysql_safe] has syslog in /etc/my.cnf
[mysqld-syslog-iptables] [mysqld-syslog-iptables]
enabled = false enabled = false