Commit Graph

30 Commits (f6861cd5eef8b863fd8eebaf2e5ce6e67fea1c06)

Author SHA1 Message Date
Yaroslav Halchenko 6197fb178c Added a comment into Debian-shipped jail.conf about sasl logpath -- it might preferable to monitor warn.log in case of postfix 2009-07-09 00:48:05 -04:00
Yaroslav Halchenko 5fe12cc756 BF: added missing semicolon in a logging template for bind within jail.conf 2009-02-02 23:01:17 -05:00
Yaroslav Halchenko a88fd271c4 2 new jails: xinetd-fail, apache-overflows added to jails.conf 2008-03-05 23:29:36 -05:00
Yaroslav Halchenko 5d6d07508d minor: adjusted comment for named jails to come closer to upstream 2008-03-05 23:18:04 -05:00
Yaroslav Halchenko 15ce210cd0 BF: apache-* jails -- authentication failures are recorded in *error.log files, thus paths were adjusted 2008-03-05 23:14:22 -05:00
Yaroslav Halchenko 1cedd8e02b BF: removed sftp from ssh jails 2007-11-22 14:32:17 -05:00
Yaroslav Halchenko 8d9aca4e20 * Fixed named-refused filter. 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 413ec5317e first pre-release version of 0.8.1 2007-10-16 17:02:35 -04:00
Yaroslav Halchenko 95d17ee318 * Adjusted failregex for sshd filter:
- anchored properly at the end of line, and source code has .examples
    files to perform testing of the rules.
  - added new explicit rule for users not in the AllowUsers lists
2007-07-29 17:20:23 +00:00
Yaroslav Halchenko 990bd15dd5 specified default protocol (tcp) and specified udp for jail for named 2007-07-25 03:46:41 +00:00
Yaroslav Halchenko 14d3ffc6de * Added a filter for named to catch refused/denied queries 2007-07-24 18:10:05 +00:00
Yaroslav Halchenko f58421eabf * Use /var/run to keep socket file (closes: #425746) 2007-07-05 17:12:17 +00:00
Yaroslav Halchenko a9ecd98ffe Added port param in jail since otherwise -- crashes 2007-06-25 17:08:49 +00:00
Yaroslav Halchenko 2e55bc57c7 * Added a filter pam_generic to catch any login errors.
* Added iptables-allports.
2007-06-25 16:51:05 +00:00
Yaroslav Halchenko e3102eb28a had to rename filter for courierauth 2007-01-18 15:52:48 +00:00
Yaroslav Halchenko 7a1dd9e98c * iptables-multiport is default action to take since Debian kernel arrives
with multiport module. That is to address the fact that most services
  listen on multiple port (for encrypted and non-encrypted connections)
* Added [courierauth] jail (First 2 items are to partially address #407404
2007-01-18 15:41:49 +00:00
Yaroslav Halchenko 36b1833e31 * Adjusted default log file for postfix to be /var/log/mail.log
(Closes: #404921)
2007-01-04 20:25:45 +00:00
Yaroslav Halchenko f01c74581d fixed action_ shortcuts
adjusted initd script to be verbose on start if socketfile exists
2007-01-04 19:47:00 +00:00
Yaroslav Halchenko 7fa686a7f2 * New upstream release, which incorporates fixes introduced in 3~pre
non-released versions (which were suggested to the users to overcome
  problems reported in bug reports). In particular attention should be paid
  to upstream changelog entries

  - Several "failregex" and "ignoreregex" are now accepted.
    Creation of rules should be easier now.
  
    This is an alternative solution to 'multiple <HOST>' entries fix,
    which is not applied to this shipped version - pay cautios if upgrading
    from 0.7.5-3~pre?
 
  - Allow comma in action options. The value of the option must
    be escaped with " or '. 
    That allowed to implement requested ability to ban multiple ports
    at once (See 373592). README.Debian and jail.conf adjusted to reflect
    possible use of iptables-mport
  - Now Fail2ban goes in /usr/share/fail2ban instead of
    /usr/lib/fail2ban. This is more compliant with FHS.
    Patch 00_share_insteadof_lib no longer applied
* Refactored installed by debian package jail.conf:
  - Added option banaction which is to incorporate banning agent
    (usually some flavor of iptables rule), which can then be easily
    overriden globally or per section
  
  - Multiple actions are defined as action_* to serve as shortcuts
2007-01-04 18:08:09 +00:00
Yaroslav Halchenko 4d5ec804f5 * Added filter ssh-ddos to fight DDOS attacks. Must be used with caution if
there is a possibility of clients accessing through unreliable connection 
  (Closes: #404487)
2006-12-28 07:28:53 +00:00
Yaroslav Halchenko ae96eaa40c made failregex universal for both PAM and native vsftpd logging 2006-12-22 04:54:14 +00:00
Yaroslav Halchenko 2e992c2353 * Fail2ban now bans vsftpd logins (corrected logfile path and failregex)
(Closes: #404060)
2006-12-21 16:54:39 +00:00
Yaroslav Halchenko 762d1a188a * NEWS.Debian confusions - the latest NEWS entry and postinst message were
rephrased (Closes: #402350)
* Added mail-whois-lines action, which emails log lines containing abuser
  IP. Those lines are often required for proper abuse reports sent to the
  Internet providers.  Forwarding of such received emails to the email
  addresses of abuse departments present in the output of whois is a
  tentative solution for semi-automatic abuse reporting (Closes: #358810)
2006-12-10 23:40:04 +00:00
Yaroslav Halchenko b457f61e74 * Added reload/force-reload actions to init script
* Adjusted jail.conf a bit
2006-11-06 14:23:58 +00:00
Yaroslav Halchenko 2e568c08d6 new upstream 2006-11-02 02:04:57 +00:00
Yaroslav Halchenko 4bbea5b41b * Corrected init.d script to properly perform restart due to server delay to
react to client command to stop. Handling of status was adjusted as well
* Added apache-noscript to jail.conf
* Default action does not send emails to be inline with previous (0.6.x)
  behavior
2006-10-30 03:32:29 +00:00
Yaroslav Halchenko 923d2214d9 added wuftpd to both 0.6 and 0.7 2006-10-18 05:15:53 +00:00
Yaroslav Halchenko 8d3b4630f3 changed section names - removed -iptables. adjusted description 2006-09-29 13:22:23 +00:00
Yaroslav Halchenko cd46343d11 added few sections (patches + adjusted jail.conf shipped with Debian) 2006-09-29 04:21:16 +00:00
Yaroslav Halchenko 641cd14a40 preliminary packaging of 0.7.3 which gets closer to be used widely, i.e.
could be uploaded to experimental
2006-09-29 04:05:50 +00:00