8ea7a6c8 JR |
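--- fail2ban-0.8.11/config/jail.conf.orig 2014-01-06 20:44:20.948073144 +0100
+++ fail2ban-0.8.11/config/jail.conf 2014-01-06 20:52:15.888069706 +0100
@@ -75,7 +75,7 @@
 filter = sshd
 action = iptables[name=SSH, port=ssh, protocol=tcp]
 sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 maxretry = 5
 
 [proftpd-iptables]
@@ -84,7 +84,7 @@
 filter = proftpd
 action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
 sendmail-whois[name=ProFTPD, dest=you@example.com]
-logpath = /var/log/proftpd/proftpd.log
+logpath = /var/log/secure
 maxretry = 6
 
 
@@ -96,7 +96,7 @@
 backend = polling
 action = iptables[name=sasl, port=smtp, protocol=tcp]
 sendmail-whois[name=sasl, dest=you@example.com]
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 
 
 # ASSP SMTP Proxy Jail
@@ -117,7 +117,7 @@
 action = hostsdeny[daemon_list=sshd]
 sendmail-whois[name=SSH, dest=you@example.com]
 ignoreregex = for myuser from
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 
 
 # Here we use blackhole routes for not requiring any additional kernel support
@@ -127,7 +127,7 @@
 enabled = false
 filter = sshd
 action = route
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 maxretry = 5
 
 
@@ -141,7 +141,7 @@
 enabled = false
 filter = sshd
 action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 maxretry = 5
 
 
@@ -150,7 +150,7 @@
 enabled = false
 filter = sshd
 action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 maxretry = 5
 
 
@@ -176,7 +176,7 @@
 enabled = false
 filter = apache-auth
 action = hostsdeny
-logpath = /var/log/apache*/*error.log
+logpath = /var/log/httpd/*error_log
 /home/www/myhomepage/error.log
 maxretry = 6
 
@@ -197,7 +197,7 @@
 filter = postfix
 action = hostsdeny[file=/not/a/standard/path/hosts.deny]
 sendmail[name=Postfix, dest=you@example.com]
-logpath = /var/log/postfix.log
+logpath = /var/log/maillog
 bantime = 300
 
 
@@ -233,7 +233,7 @@
 filter = apache-badbots
 action = iptables-multiport[name=BadBots, port="http,https"]
 sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/httpd/*access_log
 bantime = 172800
 maxretry = 1
 
@@ -245,7 +245,7 @@
 filter = apache-noscript
 action = shorewall
 sendmail[name=Postfix, dest=you@example.com]
-logpath = /var/log/apache2/error_log
+logpath = /var/log/httpd/error_log
 
 
 # Monitor roundcube server
@@ -276,7 +276,7 @@
 enabled = false
 action = iptables-multiport[name=php-url-open, port="http,https"]
 filter = php-url-fopen
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/httpd/*access_log
 maxretry = 1
 
 
@@ -341,7 +341,7 @@
 filter = named-refused
 action = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
 sendmail-whois[name=Named, dest=you@example.com]
-logpath = /var/log/named/security.log
+logpath = /var/log/named/named.log
 ignoreip = 168.192.0.1
 
 
@@ -385,7 +385,7 @@
 filter = mysqld-auth
 action = iptables[name=mysql, port=3306, protocol=tcp]
 sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com]
-logpath = /var/log/mysqld.log
+logpath = /var/log/mysql/mysqld.log
 maxretry = 5
 
 
@@ -394,7 +394,7 @@
 enabled = false
 filter = mysqld-auth
 action = iptables[name=mysql, port=3306, protocol=tcp]
-logpath = /var/log/daemon.log
+logpath = /var/log/mysql/mysqld.log
 maxretry = 5
 
 
@@ -438,7 +438,7 @@
 enabled = false
 filter = exim
 action = iptables-multiport[name=exim,port="25,465,587"]
-logpath = /var/log/exim/mainlog
+logpath = /var/log/exim/main.log
 
 
 [exim-spam]
@@ -446,7 +446,7 @@
 enabled = false
 filter = exim-spam
 action = iptables-multiport[name=exim-spam,port="25,465,587"]
-logpath = /var/log/exim/mainlog
+logpath = /var/log/exim/main.log
 
 
 [perdition]
@@ -497,7 +497,7 @@
 enabled = false
 filter = webmin-auth
 action = iptables-multiport[name=webmin,port="10000"]
-logpath = /var/log/auth.log
+logpath = /var/log/secure
 
 
 # dovecot defaults to logging to the mail syslog facility
@@ -507,7 +507,7 @@
 enabled = false
 filter = dovecot
 action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp]
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 
 
 [dovecot-auth]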
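Review bot: The `proftpd-iptables` jail (hunk at -84) now points the `proftpd` filter at `/var/log/secure`, which only works if ProFTPD on the target system sends its authentication failures to that file through syslog. If it writes to its own file via `SystemLog`, the filter matches nothing and the jail never bans. The same silent-miss risk applies to the `named-refused` move to `/var/log/named/named.log` (hunk at -341). It also applies to the second `mysqld-auth` jail (hunk at -394), which now reads the same file as the first and no longer covers the syslog case that its old `/var/log/daemon.log` path suggests. I would put a comment above each of these paths, for example `# assumes the daemon logs auth failures to this file on this distribution; adjust logpath if it logs elsewhere`. Most of the jail section headers lie outside the visible context, so which jails are enabled by default cannot be confirmed from here.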