mirror of https://github.com/fail2ban/fail2ban
97 lines
2.8 KiB
Plaintext
97 lines
2.8 KiB
Plaintext
# Common
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
after = paths-overrides.local
|
|
|
|
[DEFAULT]
|
|
|
|
default_backend = %(default/backend)s
|
|
|
|
# Initial common values (to overwrite in path-<distribution>.conf)...
|
|
# There is no sensible generic defaults for syslog log targets, thus
|
|
# leaving them empty here (resp. set to mostly used variant) in order
|
|
# to avoid errors while parsing/interpolating configs.
|
|
#
|
|
# Note systemd-backend does not need the logpath at all.
|
|
#
|
|
syslog_local0 = /var/log/messages
|
|
|
|
syslog_authpriv = /var/log/auth.log
|
|
syslog_daemon = %(syslog_local0)s
|
|
syslog_ftp = %(syslog_local0)s
|
|
syslog_mail =
|
|
syslog_mail_warn =
|
|
syslog_user = %(syslog_local0)s
|
|
|
|
# Set the default syslog backend target to default_backend
|
|
syslog_backend = %(default_backend)s
|
|
|
|
# Default values for several jails:
|
|
|
|
sshd_log = %(syslog_authpriv)s
|
|
sshd_backend = %(default_backend)s
|
|
|
|
dropbear_log = %(syslog_authpriv)s
|
|
dropbear_backend = %(default_backend)s
|
|
|
|
apache_error_log = /var/log/apache2/*error.log
|
|
|
|
apache_access_log = /var/log/apache2/*access.log
|
|
|
|
# from /etc/audit/auditd.conf
|
|
auditd_log = /var/log/audit/audit.log
|
|
|
|
exim_main_log = /var/log/exim/mainlog
|
|
|
|
nginx_error_log = /var/log/nginx/*error.log
|
|
|
|
nginx_access_log = /var/log/nginx/*access.log
|
|
|
|
|
|
lighttpd_error_log = /var/log/lighttpd/error.log
|
|
|
|
# http://www.hardened-php.net/suhosin/configuration.html#suhosin.log.syslog.facility
|
|
# syslog_user is the default. Lighttpd also hooks errors into its log.
|
|
|
|
suhosin_log = %(syslog_user)s
|
|
%(lighttpd_error_log)s
|
|
|
|
# defaults to ftp or local2 if ftp doesn't exist
|
|
proftpd_log = %(syslog_ftp)s
|
|
proftpd_backend = %(default_backend)s
|
|
|
|
# http://svnweb.freebsd.org/ports/head/ftp/proftpd/files/patch-src_proftpd.8.in?view=markup
|
|
# defaults to ftp but can be overwritten.
|
|
pureftpd_log = %(syslog_ftp)s
|
|
pureftpd_backend = %(default_backend)s
|
|
|
|
# ftp, daemon and then local7 are tried at configure time however it is overwriteable at configure time
|
|
#
|
|
wuftpd_log = %(syslog_ftp)s
|
|
wuftpd_backend = %(default_backend)s
|
|
|
|
# syslog_enable defaults to no. so it defaults to vsftpd_log_file setting of /var/log/vsftpd.log
|
|
# No distro seems to set it to syslog by default
|
|
# If syslog set it defaults to ftp facility if exists at compile time otherwise falls back to daemonlog.
|
|
vsftpd_log = /var/log/vsftpd.log
|
|
|
|
# Technically syslog_facility in main.cf can overwrite but no-one sane does this.
|
|
postfix_log = %(syslog_mail_warn)s
|
|
postfix_backend = %(default_backend)s
|
|
|
|
dovecot_log = %(syslog_mail_warn)s
|
|
dovecot_backend = %(default_backend)s
|
|
|
|
# Seems to be set at compile time only to LOG_LOCAL0 (src/const.h) at Notice level
|
|
solidpop3d_log = %(syslog_local0)s
|
|
|
|
mysql_log = %(syslog_daemon)s
|
|
mysql_backend = %(default_backend)s
|
|
|
|
roundcube_errors_log = /var/log/roundcube/errors
|
|
|
|
# Directory with ignorecommand scripts
|
|
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands
|