mirror of https://github.com/fail2ban/fail2ban
43 lines
1.8 KiB
Plaintext
43 lines
1.8 KiB
Plaintext
Source: fail2ban
|
|
Section: net
|
|
Priority: optional
|
|
Maintainer: Yaroslav Halchenko <debian@onerussian.com>
|
|
Build-Depends:
|
|
debhelper (>= 9)
|
|
, debhelper (>= 9.20160709) | dh-systemd
|
|
, python3
|
|
, python3-pyinotify
|
|
Homepage: http://www.fail2ban.org
|
|
Vcs-Git: git://github.com/fail2ban/fail2ban.git -b debian
|
|
Vcs-Browser: http://github.com/fail2ban/fail2ban
|
|
Standards-Version: 4.1.3
|
|
|
|
|
|
Package: fail2ban
|
|
Architecture: all
|
|
Depends: ${python3:Depends}, ${misc:Depends}, lsb-base (>=2.0-7)
|
|
Recommends: python, iptables, whois, python3-pyinotify, python3-systemd
|
|
Suggests: mailx, system-log-daemon, monit
|
|
Description: ban hosts that cause multiple authentication errors
|
|
Fail2ban monitors log files (e.g. /var/log/auth.log,
|
|
/var/log/apache/access.log) and temporarily or persistently bans
|
|
failure-prone addresses by updating existing firewall rules. Fail2ban
|
|
allows easy specification of different actions to be taken such as to ban
|
|
an IP using iptables or hostsdeny rules, or simply to send a notification
|
|
email.
|
|
.
|
|
By default, it comes with filter expressions for various services
|
|
(sshd, apache, qmail, proftpd, sasl etc.) but configuration can be
|
|
easily extended for monitoring any other text file. All filters and
|
|
actions are given in the config files, thus fail2ban can be adopted
|
|
to be used with a variety of files and firewalls. Following recommends
|
|
are listed:
|
|
.
|
|
- iptables -- default installation uses iptables for banning. You most
|
|
probably need it
|
|
- whois -- used by a number of *mail-whois* actions to send notification
|
|
emails with whois information about attacker hosts. Unless you will use
|
|
those you don't need whois
|
|
- python3-pyinotify -- unless you monitor services logs via systemd, you
|
|
need pyinotify for efficient monitoring for log files changes
|