diff --git a/config/jail.conf b/config/jail.conf index 442d8182..7a420d20 100644 --- a/config/jail.conf +++ b/config/jail.conf @@ -206,11 +206,9 @@ logpath = /var/log/auth.log [dropbear] port = ssh -filter = sshd logpath = /var/log/dropbear - [selinux-ssh] port = ssh @@ -570,6 +568,7 @@ bantime = 300 logpath = /var/log/mail.log + # dovecot defaults to logging to the mail syslog facility # but can be set by syslog_facility in the dovecot configuration. [dovecot] @@ -640,6 +639,13 @@ port = imap3,imaps logpath = /var/log/mail*log +[uwimap-auth] + +port = imap3,imaps +logpath = /var/log/mail*log + + +# # # DNS servers # @@ -693,6 +699,16 @@ logpath = /var/log/asterisk/messages maxretry = 10 +[freeswitch] + +port = 5060,5061 +action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] + %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] + %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"] +logpath = /var/log/freeswitch.log +maxretry = 10 + + # Historical support (before https://github.com/fail2ban/fail2ban/issues/37 was fixed ) # use [asterisk] for new jails [asterisk-tcp] @@ -767,3 +783,13 @@ logpath = /var/log/daemon.log maxretry = 2 +# stunnel - need to set port for this +[stunnel] + +logpath = /var/log/stunnel4/stunnel.log + + +[ejabberd-auth] + +port = 5222 +logpath = /var/log/ejabberd/ejabberd.log diff --git a/fail2ban/tests/clientreadertestcase.py b/fail2ban/tests/clientreadertestcase.py index fd820fd8..a0ada34e 100644 --- a/fail2ban/tests/clientreadertestcase.py +++ b/fail2ban/tests/clientreadertestcase.py @@ -21,7 +21,7 @@ __author__ = "Cyril Jaquier, Yaroslav Halchenko" __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav Halchenko" __license__ = "GPL" -import os, shutil, sys, tempfile, unittest +import os, glob, shutil, sys, tempfile, unittest from ..client.configreader import ConfigReader from ..client.jailreader import JailReader @@ -471,21 +471,21 @@ class JailsReaderTest(LogCaptureTestCase): # all must have some actionban self.assertTrue(actionReader._opts.get('actionban', '').strip()) - # Verify that all filters found under config/ have a jail - def testReadStockJailFilterComplete(self): - jails = JailsReader(basedir=CONFIG_DIR, force_enable=True) - self.assertTrue(jails.read()) # opens fine - self.assertTrue(jails.getOptions()) # reads fine - # grab all filter names - filters = set(os.path.splitext(os.path.split(a)[1])[0] - for a in glob.glob(os.path.join('config', 'filter.d', '*.conf')) - if not a.endswith('common.conf')) - filters_jail = set(jail.options['filter'] for jail in jails.jails) - self.maxDiff = None - self.assertTrue(filters.issubset(filters_jail), - "More filters exists than are referenced in stock jail.conf %r" % filters.difference(filters_jail)) - self.assertTrue(filters_jail.issubset(filters), - "Stock jail.conf references non-existent filters %r" % filters_jail.difference(filters)) + # Verify that all filters found under config/ have a jail + def testReadStockJailFilterComplete(self): + jails = JailsReader(basedir=CONFIG_DIR, force_enable=True) + self.assertTrue(jails.read()) # opens fine + self.assertTrue(jails.getOptions()) # reads fine + # grab all filter names + filters = set(os.path.splitext(os.path.split(a)[1])[0] + for a in glob.glob(os.path.join('config', 'filter.d', '*.conf')) + if not a.endswith('common.conf')) + filters_jail = set(jail.options['filter'] for jail in jails.jails) + self.maxDiff = None + self.assertTrue(filters.issubset(filters_jail), + "More filters exists than are referenced in stock jail.conf %r" % filters.difference(filters_jail)) + self.assertTrue(filters_jail.issubset(filters), + "Stock jail.conf references non-existent filters %r" % filters_jail.difference(filters)) def testReadStockJailConfForceEnabled(self): # more of a smoke test to make sure that no obvious surprises