[packages/DenyHosts.git] / DenyHosts.cfg

       ############ THESE SETTINGS ARE REQUIRED ############

########################################################################
#
# SECURE_LOG: the log file that contains sshd logging info
# if you are not sure, grep "sshd:" /var/log/*
#
# The file to process can be overridden with the --file command line
# argument
#
# Redhat:
SECURE_LOG = /var/log/secure
#
# Mandrake or FreeBSD: 
#SECURE_LOG = /var/log/auth.log
#
# SuSE:
#SECURE_LOG = /var/log/messages
#
########################################################################


########################################################################
# HOSTS_DENY: the file which contains restricted host access information
#
# Most operating systems:
HOSTS_DENY = /etc/tcpd/hosts.deny
#
# Some BSD (FreeBSD) Unixes:
#HOSTS_DENY = /etc/hosts.allow
#
# Another possibility (also see the next option):
#HOSTS_DENY = /etc/hosts.evil
#######################################################################


########################################################################
# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
#             when DenyHosts is invoked with the --purge flag
#
#      format is: i[dhwmy]
#      Where 'i' is an integer (eg. 7) 
#            'm' = minutes
#            'h' = hours
#            'd' = days
#            'w' = weeks
#            'y' = years
#
# never purge:
PURGE_DENY = 
#
# purge entries older than 1 week
#PURGE_DENY = 1w
#
# purge entries older than 5 days
#PURGE_DENY = 5d
#######################################################################


#######################################################################
# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
# 
# man 5 host_access for details
#
# eg.   sshd: 127.0.0.1  # will block sshd logins from 127.0.0.1
#
# To block all services for the offending host:
#BLOCK_SERVICE = ALL
# To block only sshd:
BLOCK_SERVICE  = sshd
# To only record the offending host and nothing else (if using
# an auxilary file to list the hosts).  Refer to: 
# http://denyhosts.sourceforge.net/faq.html#aux
#BLOCK_SERVICE =    
#
#######################################################################


#######################################################################
#
# DENY_THRESHOLD: block each host after the number of failed login 
# attempts has exceeded this value.
#
DENY_THRESHOLD = 3
#
#######################################################################

#######################################################################
#
# WORK_DIR: the path that DenyHosts will use for writing data to
# (it will be created if it does not already exist).       
#
WORK_DIR = /var/lib/DenyHosts
#
#######################################################################

#######################################################################
#
# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
#
# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO
# If set to YES, if a suspicious login attempt results from an allowed-host
# then it is considered suspicious.  If this is NO, then suspicious logins 
# from allowed-hosts will not be reported.  All suspicious logins from 
# ip addresses that are not in allowed-hosts will always be reported.
#
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
######################################################################

######################################################################
#
# HOSTNAME_LOOKUP
#
# HOSTNAME_LOOKUP=YES|NO
# If set to YES, for each IP address that is reported by Denyhosts,
# the corresponding hostname will be looked up and reported as well
# (if available).
#
HOSTNAME_LOOKUP=YES
######################################################################


######################################################################
#
# LOCK_FILE
#
# LOCK_FILE=/path/denyhosts
# If this file exists when DenyHosts is run, then DenyHosts will exit
# immediately.  Otherwise, this file will be created upon invocation
# and deleted upon exit.  This ensures that only one instance is
# running at a time.
#
# Redhat/Fedora:
LOCK_FILE = /var/lock/subsys/denyhosts
#
#LOCK_FILE = /tmp/denyhosts.lock

######################################################################


       ############ THESE SETTINGS ARE OPTIONAL ############


#######################################################################
#
# ADMIN_EMAIL: if you would like to receive emails regarding newly
# restricted hosts and suspicious logins, set this address to 
# match your email address.  If you do not want to receive these reports
# leave this field blank (or run with the --noemail option)
#
ADMIN_EMAIL = root@localhost
#
#######################################################################

#######################################################################
#
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts
SMTP_SUBJECT = DenyHosts Report
#
#######################################################################


#######################################################################
#
# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
# this is the logfile that DenyHosts uses to report it's status.
# To disable logging, leave blank.  (default is: /var/log/denyhosts)
#
DAEMON_LOG = /var/log/denyhosts
#
# disable logging:
#DAEMON_LOG = 
#
######################################################################


#######################################################################
#
# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
# this is the amount of time DenyHosts will sleep between polling
# the SECURE_LOG.  This value is in seconds (default is 30)
#
DAEMON_SLEEP = 30
#
#######################################################################

#######################################################################
#
# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode
# run the purge mechanism to expire old entries in HOSTS_DENY
# This value is in seconds (default is 3600 seconds = 1 hour)
# This has no effect if PURGE_DENY is blank.
#
DAEMON_PURGE = 60
#
#######################################################################
Commit	Line	Data
6b557d34	1	############ THESE SETTINGS ARE REQUIRED ############
cb64b9ac	2
	3	########################################################################
	4	#
	5	# SECURE_LOG: the log file that contains sshd logging info
	6	# if you are not sure, grep "sshd:" /var/log/*
	7	#
	8	# The file to process can be overridden with the --file command line
	9	# argument
	10	#
	11	# Redhat:
	12	SECURE_LOG = /var/log/secure
	13	#
6b557d34	14	# Mandrake or FreeBSD:
cb64b9ac	15	#SECURE_LOG = /var/log/auth.log
	16	#
	17	# SuSE:
	18	#SECURE_LOG = /var/log/messages
	19	#
	20	########################################################################
	21
6b557d34	22
cb64b9ac	23	########################################################################
	24	# HOSTS_DENY: the file which contains restricted host access information
	25	#
6b557d34	26	# Most operating systems:
cb64b9ac	27	HOSTS_DENY = /etc/tcpd/hosts.deny
cb64b9ac	28	#
6b557d34	29	# Some BSD (FreeBSD) Unixes:
	30	#HOSTS_DENY = /etc/hosts.allow
	31	#
	32	# Another possibility (also see the next option):
	33	#HOSTS_DENY = /etc/hosts.evil
	34	#######################################################################
	35
	36
	37	########################################################################
	38	# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
	39	# when DenyHosts is invoked with the --purge flag
	40	#
	41	# format is: i[dhwmy]
	42	# Where 'i' is an integer (eg. 7)
	43	# 'm' = minutes
	44	# 'h' = hours
	45	# 'd' = days
	46	# 'w' = weeks
	47	# 'y' = years
	48	#
	49	# never purge:
	50	PURGE_DENY =
	51	#
	52	# purge entries older than 1 week
	53	#PURGE_DENY = 1w
	54	#
	55	# purge entries older than 5 days
	56	#PURGE_DENY = 5d
cb64b9ac	57	#######################################################################
	58
	59
	60	#######################################################################
	61	# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
	62	#
	63	# man 5 host_access for details
	64	#
6b557d34	65	# eg. sshd: 127.0.0.1 # will block sshd logins from 127.0.0.1
cb64b9ac	66	#
	67	# To block all services for the offending host:
	68	#BLOCK_SERVICE = ALL
	69	# To block only sshd:
6b557d34	70	BLOCK_SERVICE = sshd
	71	# To only record the offending host and nothing else (if using
	72	# an auxilary file to list the hosts). Refer to:
	73	# http://denyhosts.sourceforge.net/faq.html#aux
	74	#BLOCK_SERVICE =
cb64b9ac	75	#
	76	#######################################################################
	77
6b557d34	78
cb64b9ac	79	#######################################################################
	80	#
	81	# DENY_THRESHOLD: block each host after the number of failed login
	82	# attempts has exceeded this value.
	83	#
	84	DENY_THRESHOLD = 3
	85	#
	86	#######################################################################
	87
	88	#######################################################################
	89	#
	90	# WORK_DIR: the path that DenyHosts will use for writing data to
	91	# (it will be created if it does not already exist).
6b557d34	92	#
6b557d34	93	WORK_DIR = /var/lib/DenyHosts
cb64b9ac	94	#
	95	#######################################################################
	96
6b557d34	97	#######################################################################
	98	#
	99	# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
	100	#
	101	# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES\|NO
	102	# If set to YES, if a suspicious login attempt results from an allowed-host
	103	# then it is considered suspicious. If this is NO, then suspicious logins
	104	# from allowed-hosts will not be reported. All suspicious logins from
	105	# ip addresses that are not in allowed-hosts will always be reported.
	106	#
	107	SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
	108	######################################################################
	109
	110	######################################################################
	111	#
	112	# HOSTNAME_LOOKUP
	113	#
	114	# HOSTNAME_LOOKUP=YES\|NO
	115	# If set to YES, for each IP address that is reported by Denyhosts,
	116	# the corresponding hostname will be looked up and reported as well
	117	# (if available).
	118	#
	119	HOSTNAME_LOOKUP=YES
	120	######################################################################
cb64b9ac	121
cb64b9ac	122
6b557d34	123	######################################################################
	124	#
	125	# LOCK_FILE
	126	#
	127	# LOCK_FILE=/path/denyhosts
	128	# If this file exists when DenyHosts is run, then DenyHosts will exit
	129	# immediately. Otherwise, this file will be created upon invocation
	130	# and deleted upon exit. This ensures that only one instance is
	131	# running at a time.
	132	#
	133	# Redhat/Fedora:
	134	LOCK_FILE = /var/lock/subsys/denyhosts
	135	#
	136	#LOCK_FILE = /tmp/denyhosts.lock
cb64b9ac	137
6b557d34	138	######################################################################
	139
	140
	141	############ THESE SETTINGS ARE OPTIONAL ############
cb64b9ac	142
	143
	144	#######################################################################
	145	#
	146	# ADMIN_EMAIL: if you would like to receive emails regarding newly
	147	# restricted hosts and suspicious logins, set this address to
	148	# match your email address. If you do not want to receive these reports
	149	# leave this field blank (or run with the --noemail option)
	150	#
	151	ADMIN_EMAIL = root@localhost
	152	#
	153	#######################################################################
	154
	155	#######################################################################
	156	#
	157	SMTP_HOST = localhost
	158	SMTP_PORT = 25
	159	SMTP_FROM = DenyHosts
	160	SMTP_SUBJECT = DenyHosts Report
	161	#
	162	#######################################################################
	163
6b557d34	164
	165
	166	#######################################################################
	167	#
	168	# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
	169	# this is the logfile that DenyHosts uses to report it's status.
	170	# To disable logging, leave blank. (default is: /var/log/denyhosts)
	171	#
	172	DAEMON_LOG = /var/log/denyhosts
	173	#
	174	# disable logging:
	175	#DAEMON_LOG =
	176	#
	177	######################################################################
	178
	179
	180
	181	#######################################################################
	182	#
	183	# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
	184	# this is the amount of time DenyHosts will sleep between polling
	185	# the SECURE_LOG. This value is in seconds (default is 30)
	186	#
	187	DAEMON_SLEEP = 30
	188	#
	189	#######################################################################
	190
	191	#######################################################################
	192	#
	193	# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode
	194	# run the purge mechanism to expire old entries in HOSTS_DENY
	195	# This value is in seconds (default is 3600 seconds = 1 hour)
	196	# This has no effect if PURGE_DENY is blank.
	197	#
	198	DAEMON_PURGE = 60
	199	#
	200	#######################################################################
	201