mirror of https://github.com/fail2ban/fail2ban
161 lines
4.6 KiB
Plaintext
Executable File
161 lines
4.6 KiB
Plaintext
Executable File
#! /bin/sh /usr/share/dpatch/dpatch-run
|
|
## 00_proftpd_section.dpatch by <debian@onerussian.com>
|
|
##
|
|
## All lines beginning with `## DP:' are a description of the patch.
|
|
## DP: New section for proftpd
|
|
|
|
@DPATCH@
|
|
|
|
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny
|
|
--- fail2ban-0.6.1.pre/config/fail2ban.conf.hostsdeny 2006-05-27 22:57:03.000000000 -0400
|
|
+++ fail2ban-0.6.1.post/config/fail2ban.conf.hostsdeny 2006-05-27 23:01:11.000000000 -0400
|
|
@@ -291,6 +291,47 @@
|
|
failregex = FAIL LOGIN
|
|
|
|
|
|
+[PROFTPD]
|
|
+# Option: enabled
|
|
+# Notes.: enable monitoring for this section.
|
|
+# Values: [true | false] Default: false
|
|
+#
|
|
+enabled = false
|
|
+
|
|
+# Option: logfile
|
|
+# Notes.: logfile to monitor.
|
|
+# Values: FILE Default: /var/log/proftpd/proftpd.log
|
|
+# Other.: /var/log/auth.log
|
|
+#
|
|
+logfile = /var/log/proftpd/proftpd.log
|
|
+
|
|
+# Option: port
|
|
+# Notes.: specifies port to monitor
|
|
+# Values: [ NUM | STRING ] Default: ftp
|
|
+#
|
|
+port = ftp
|
|
+
|
|
+# Option: timeregex
|
|
+# Notes.: regex to match timestamp in VSFTPD logfile.
|
|
+# Values: [Mar 7 17:53:28]
|
|
+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+#
|
|
+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+
|
|
+# Option: timepattern
|
|
+# Notes.: format used in "timeregex" fields definition. Note that '%' must be
|
|
+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule)
|
|
+# Values: TEXT Default: %%b %%d %%H:%%M:%%S
|
|
+#
|
|
+timepattern = %%b %%d %%H:%%M:%%S
|
|
+
|
|
+# Option: failregex
|
|
+# Notes.: regex to match the password failures messages in the logfile.
|
|
+# Values: TEXT Default:
|
|
+#
|
|
+failregex = USER \S+: no such user found from \S* ?\[(?P<host>\S+)\] to \S+\s*$
|
|
+
|
|
+
|
|
[SSH]
|
|
# Option: enabled
|
|
# Notes.: enable monitoring for this section.
|
|
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.iptables fail2ban-0.6.1.post/config/fail2ban.conf.iptables
|
|
--- fail2ban-0.6.1.pre/config/fail2ban.conf.iptables 2006-05-27 22:57:03.000000000 -0400
|
|
+++ fail2ban-0.6.1.post/config/fail2ban.conf.iptables 2006-05-27 23:01:20.000000000 -0400
|
|
@@ -385,6 +385,48 @@
|
|
#
|
|
failregex = FAIL LOGIN
|
|
|
|
+
|
|
+[PROFTPD]
|
|
+# Option: enabled
|
|
+# Notes.: enable monitoring for this section.
|
|
+# Values: [true | false] Default: false
|
|
+#
|
|
+enabled = false
|
|
+
|
|
+# Option: logfile
|
|
+# Notes.: logfile to monitor.
|
|
+# Values: FILE Default: /var/log/proftpd/proftpd.log
|
|
+# Other.: /var/log/auth.log
|
|
+#
|
|
+logfile = /var/log/proftpd/proftpd.log
|
|
+
|
|
+# Option: port
|
|
+# Notes.: specifies port to monitor
|
|
+# Values: [ NUM | STRING ] Default: ftp
|
|
+#
|
|
+port = ftp
|
|
+
|
|
+# Option: timeregex
|
|
+# Notes.: regex to match timestamp in VSFTPD logfile.
|
|
+# Values: [Mar 7 17:53:28]
|
|
+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+#
|
|
+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+
|
|
+# Option: timepattern
|
|
+# Notes.: format used in "timeregex" fields definition. Note that '%' must be
|
|
+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule)
|
|
+# Values: TEXT Default: %%b %%d %%H:%%M:%%S
|
|
+#
|
|
+timepattern = %%b %%d %%H:%%M:%%S
|
|
+
|
|
+# Option: failregex
|
|
+# Notes.: regex to match the password failures messages in the logfile.
|
|
+# Values: TEXT Default:
|
|
+#
|
|
+failregex = USER \S+: no such user found from \S* ?\[(?P<host>\S+)\] to \S+\s*$
|
|
+
|
|
+
|
|
[SSH]
|
|
# Option: enabled
|
|
# Notes.: enable monitoring for this section.
|
|
diff -x '*~' -Naur fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall fail2ban-0.6.1.post/config/fail2ban.conf.shorewall
|
|
--- fail2ban-0.6.1.pre/config/fail2ban.conf.shorewall 2006-05-27 22:57:03.000000000 -0400
|
|
+++ fail2ban-0.6.1.post/config/fail2ban.conf.shorewall 2006-05-27 23:00:32.000000000 -0400
|
|
@@ -277,6 +277,45 @@
|
|
#
|
|
failregex = FAIL LOGIN
|
|
|
|
+[PROFTPD]
|
|
+# Option: enabled
|
|
+# Notes.: enable monitoring for this section.
|
|
+# Values: [true | false] Default: false
|
|
+#
|
|
+enabled = false
|
|
+
|
|
+# Option: logfile
|
|
+# Notes.: logfile to monitor.
|
|
+# Values: FILE Default: /var/log/proftpd/proftpd.log
|
|
+# Other.: /var/log/auth.log
|
|
+#
|
|
+logfile = /var/log/proftpd/proftpd.log
|
|
+
|
|
+# Option: port
|
|
+# Notes.: specifies port to monitor
|
|
+# Values: [ NUM | STRING ] Default: ftp
|
|
+#
|
|
+port = ftp
|
|
+
|
|
+# Option: timeregex
|
|
+# Notes.: regex to match timestamp in VSFTPD logfile.
|
|
+# Values: [Mar 7 17:53:28]
|
|
+# Default: \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+#
|
|
+timeregex = \S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2}
|
|
+
|
|
+# Option: timepattern
|
|
+# Notes.: format used in "timeregex" fields definition. Note that '%' must be
|
|
+# escaped with '%' (see http://rgruet.free.fr/PQR2.3.html#timeModule)
|
|
+# Values: TEXT Default: %%b %%d %%H:%%M:%%S
|
|
+#
|
|
+timepattern = %%b %%d %%H:%%M:%%S
|
|
+
|
|
+# Option: failregex
|
|
+# Notes.: regex to match the password failures messages in the logfile.
|
|
+# Values: TEXT Default:
|
|
+#
|
|
+failregex = USER \S+: no such user found from \S* ?\[(?P<host>\S+)\] to \S+\s*$
|
|
|
|
[SSH]
|
|
# Option: enabled
|