2d068572bc
debian/jail.conf - dropbear jail: use dropbear filter (instead of ssh) and monitor auth.log instead of non-existing /var/log/dropbear ( Closes : #620760 )
2013-11-16 21:35:04 -05:00
a4ab39ea82
minor jail.conf tune ups. More needed to adopt the jails/filter added upstrean
2013-11-10 00:24:24 -08:00
8960b5734a
debian/jail.conf - added "submission" (port 587) to all SMTP-related jails ( Closes : #714632 ). Thanks Tony den Haan for the report
2013-07-01 14:38:39 -04:00
278b49f52d
debian/jail.conf: pure-ftpd jail should monitor syslog not auth.log.
...
Thanks Laurent Léonard for the report
2013-06-21 10:48:32 -04:00
30adad2029
added new sample jails definitions for ssh-route, ssh-iptables-ipset{4,6}, roundcube-auth, sogo-auth, mysqld-auth
2013-05-13 11:18:23 -04:00
b951ad78c4
debian/jail.conf: added findtime and documentation on those basic options from jail.conf
2013-02-18 18:51:15 -05:00
d969aef8f8
BF: specify full action for recidive jail since it needs allport action
2012-07-31 17:02:34 -04:00
59e95b053e
debian/jail.conf: adopted few jails from "upstreams" jail.conf: asterisk, recidive, lighttpd, php-url-open
2012-07-31 16:16:55 -04:00
1163450227
added usedns option into debian/jail.conf
2012-07-31 16:08:00 -04:00
d8d950dcc6
ENH: adopted description about backends from upstream's jail.conf
2012-07-31 16:02:31 -04:00
14d609941b
monitor syslog not auth.log for wuftpd
2012-07-31 15:59:44 -04:00
6ad4276a4e
DOC: note about way to add comments + pruned not needed authorship line and obsolete $Revision$
2012-06-04 22:46:59 -04:00
b25dddff31
Added dovecot section to Debian's jail.conf. Thanks to Laurent Léonard ( Closes : #655182 )
2012-01-08 21:47:18 -05:00
5c2abe60a1
Added pure-ftpd section to Debian's jail.conf. Thanks to Laurent Léonard ( Closes : #654412 )
2012-01-05 23:01:11 -05:00
8f3d54882a
manually removed all expansion for SVN keywords to match with master
2011-11-18 10:10:45 -05:00
9e3c29659d
Set backend to auto and recommends python-gamin ( Closes : #524425 )
2011-07-28 22:56:33 -04:00
a7632c0d2a
Added dropbear jail and made formatting of jails consistent (and untabified)
2011-03-23 17:22:21 -04:00
086176c4df
debian/jail.conf: got 'chain' parameter to be specified for iptables actions ( Closes : #515599 )
...
+ trailing whitespaces were removed
Thanks to Christoph Anton Mitterer for the original bugreport raising the
concern and Matthijs Kooijman for giving 'chains parameter' idea
2011-03-23 16:59:39 -04:00
350c5f676b
debian/jail.conf: closing " for protocol specification
...
not sure how it did not have any negative impact before :-/
2011-03-23 16:56:57 -04:00
a6bc0e517f
ENH: adjusted description for sasl jail ( Closes : #615952 )
2011-03-23 16:09:00 -04:00
db6aadfc39
spellcheck debian/jail.conf ( Closes : #598206 ). Thanks Christoph Anton Mitterer
2010-09-27 09:16:34 -04:00
35e43cf650
debian: default ignoreip to ignore entire loopback zone (/8): see http://bugs.debian.org/598200
2010-09-27 09:11:47 -04:00
833f60a38a
Replacing word of caution with big fat warning and commenting out named-refused-udp completely ( Closes : #583364 )
2010-06-28 21:45:47 -04:00
6197fb178c
Added a comment into Debian-shipped jail.conf about sasl logpath -- it might preferable to monitor warn.log in case of postfix
2009-07-09 00:48:05 -04:00
5fe12cc756
BF: added missing semicolon in a logging template for bind within jail.conf
2009-02-02 23:01:17 -05:00
a88fd271c4
2 new jails: xinetd-fail, apache-overflows added to jails.conf
2008-03-05 23:29:36 -05:00
5d6d07508d
minor: adjusted comment for named jails to come closer to upstream
2008-03-05 23:18:04 -05:00
15ce210cd0
BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted
2008-03-05 23:14:22 -05:00
1cedd8e02b
BF: removed sftp from ssh jails
2007-11-22 14:32:17 -05:00
8d9aca4e20
* Fixed named-refused filter.
2007-10-16 17:02:35 -04:00
413ec5317e
first pre-release version of 0.8.1
2007-10-16 17:02:35 -04:00
95d17ee318
* Adjusted failregex for sshd filter:
...
- anchored properly at the end of line, and source code has .examples
files to perform testing of the rules.
- added new explicit rule for users not in the AllowUsers lists
2007-07-29 17:20:23 +00:00
990bd15dd5
specified default protocol (tcp) and specified udp for jail for named
2007-07-25 03:46:41 +00:00
14d3ffc6de
* Added a filter for named to catch refused/denied queries
2007-07-24 18:10:05 +00:00
f58421eabf
* Use /var/run to keep socket file ( closes : #425746 )
2007-07-05 17:12:17 +00:00
a9ecd98ffe
Added port param in jail since otherwise -- crashes
2007-06-25 17:08:49 +00:00
2e55bc57c7
* Added a filter pam_generic to catch any login errors.
...
* Added iptables-allports.
2007-06-25 16:51:05 +00:00
e3102eb28a
had to rename filter for courierauth
2007-01-18 15:52:48 +00:00
7a1dd9e98c
* iptables-multiport is default action to take since Debian kernel arrives
...
with multiport module. That is to address the fact that most services
listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
2007-01-18 15:41:49 +00:00
36b1833e31
* Adjusted default log file for postfix to be /var/log/mail.log
...
(Closes : #404921 )
2007-01-04 20:25:45 +00:00
f01c74581d
fixed action_ shortcuts
...
adjusted initd script to be verbose on start if socketfile exists
2007-01-04 19:47:00 +00:00
7fa686a7f2
* New upstream release, which incorporates fixes introduced in 3~pre
...
non-released versions (which were suggested to the users to overcome
problems reported in bug reports). In particular attention should be paid
to upstream changelog entries
- Several "failregex" and "ignoreregex" are now accepted.
Creation of rules should be easier now.
This is an alternative solution to 'multiple <HOST>' entries fix,
which is not applied to this shipped version - pay cautios if upgrading
from 0.7.5-3~pre?
- Allow comma in action options. The value of the option must
be escaped with " or '.
That allowed to implement requested ability to ban multiple ports
at once (See 373592). README.Debian and jail.conf adjusted to reflect
possible use of iptables-mport
- Now Fail2ban goes in /usr/share/fail2ban instead of
/usr/lib/fail2ban. This is more compliant with FHS.
Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
- Added option banaction which is to incorporate banning agent
(usually some flavor of iptables rule), which can then be easily
overriden globally or per section
- Multiple actions are defined as action_* to serve as shortcuts
2007-01-04 18:08:09 +00:00
4d5ec804f5
* Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if
...
there is a possibility of clients accessing through unreliable connection
(Closes : #404487 )
2006-12-28 07:28:53 +00:00
ae96eaa40c
made failregex universal for both PAM and native vsftpd logging
2006-12-22 04:54:14 +00:00
2e992c2353
* Fail2ban now bans vsftpd logins (corrected logfile path and failregex)
...
(Closes : #404060 )
2006-12-21 16:54:39 +00:00
762d1a188a
* NEWS.Debian confusions - the latest NEWS entry and postinst message were
...
rephrased (Closes : #402350 )
* Added mail-whois-lines action, which emails log lines containing abuser
IP. Those lines are often required for proper abuse reports sent to the
Internet providers. Forwarding of such received emails to the email
addresses of abuse departments present in the output of whois is a
tentative solution for semi-automatic abuse reporting (Closes : #358810 )
2006-12-10 23:40:04 +00:00
b457f61e74
* Added reload/force-reload actions to init script
...
* Adjusted jail.conf a bit
2006-11-06 14:23:58 +00:00
2e568c08d6
new upstream
2006-11-02 02:04:57 +00:00
4bbea5b41b
* Corrected init.d script to properly perform restart due to server delay to
...
react to client command to stop. Handling of status was adjusted as well
* Added apache-noscript to jail.conf
* Default action does not send emails to be inline with previous (0.6.x)
behavior
2006-10-30 03:32:29 +00:00
923d2214d9
added wuftpd to both 0.6 and 0.7
2006-10-18 05:15:53 +00:00
Yaroslav Halchenko