fail2ban/debian
Yaroslav Halchenko 1e0cb0326e decided to swith to proper debian versioning 2005-10-21 01:22:59 +00:00
..
README.Debian * Fixed typos (thanx to Ross Boylan). 2005-10-20 17:33:53 +00:00
TODO corrected for proper format of SYSLOG entries 2005-08-19 10:34:03 +00:00
changelog decided to swith to proper debian versioning 2005-10-21 01:22:59 +00:00
compat Load fail2ban-0.4.1 into debs/fail2ban/trunk. 2005-07-06 23:10:26 +00:00
control Adjusted description and added logrotate config 2005-08-13 08:31:19 +00:00
copyright fixed address to avoid lintian complains 2005-10-04 06:43:32 +00:00
docs fixed man pages - cross referenced them, placed fail2ban into section 8 2005-08-18 23:40:49 +00:00
logrotate Adjusted description and added logrotate config 2005-08-13 08:31:19 +00:00
postinst * Fixed typos (thanx to Ross Boylan). 2005-10-20 17:33:53 +00:00
rules Trying to fix it up a bit 2005-10-20 17:46:00 +00:00
watch merged with upstream. Need to propagate 'Debian' patches into upstream as soon as possible because they lead to conflicts on upgrades 2005-09-09 21:15:41 +00:00

README.Debian

fail2ban for Debian
-------------------

This package is nearly 100% identical to the upstream version. It was
merely packaged to be installed on a Debian system and due to tight
collaboration with upstream author most of the Debian modifications
penetrate into the next upstream.

Currently the main difference with upstream: python libraries are
placed under /usr/share/fail2ban insteadh of /usr/lib/fail2ban to
comply with policy regarding architecture independent resources.

Default behavior:
-----------------

Only handling of ssh files is enabled by default. If you want to use
fail2ban with apache, please enable apache section manually in
/etc/fail2ban.conf.

Troubleshooting:
---------------

Updated failregex:

To resolve the security bug #330827 [1] failregex expressions must
provide a named group (?P<host>...) as a placeholder of the abuser's
host. The naming of the group was introduced to capture possible
future generalizations of failregex to provide even more
information. At a current point, all named groups are considered as
possible locations of the host addresses, but usually you should need
just a single group (?P<host>...)

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330827

Mailing:

As it was reported (bug #329722) you might need to provide a full
e-mail address in fail2ban.conf option MAIL:from to make your mail
server accept that email. I've added @localhost to both MAIL:from and
MAIL:to in the default configuration shipped with Debian. It seems to
work nicely now

See TODO.Debian for more details, as well as the Debian Bug Tracking
system.

Dirty exit:

If firewall rules gets cleaned out before fail2ban exits (like was
happening with firestarter), errors get reported during the exit of
fail2ban, but they are "safe" and can be ignored.

 -- Yaroslav O. Halchenko <debian@onerussian.com>, Thu Oct 20 13:24:56 2005