]> git.pld-linux.org Git - packages/fail2ban.git/blob - logifiles.patch
projects / packages / fail2ban.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- use our paths to logfiles
[packages/fail2ban.git] / logifiles.patch
1 --- fail2ban-0.8.11/config/jail.conf.orig       2014-01-06 20:44:20.948073144 +0100
2 +++ fail2ban-0.8.11/config/jail.conf    2014-01-06 20:52:15.888069706 +0100
3 @@ -75,7 +75,7 @@
4  filter   = sshd
5  action   = iptables[name=SSH, port=ssh, protocol=tcp]
6             sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
7 -logpath  = /var/log/sshd.log
8 +logpath  = /var/log/secure
9  maxretry = 5
10  
11  [proftpd-iptables]
12 @@ -84,7 +84,7 @@
13  filter   = proftpd
14  action   = iptables[name=ProFTPD, port=ftp, protocol=tcp]
15             sendmail-whois[name=ProFTPD, dest=you@example.com]
16 -logpath  = /var/log/proftpd/proftpd.log
17 +logpath  = /var/log/secure
18  maxretry = 6
19  
20  
21 @@ -96,7 +96,7 @@
22  backend  = polling
23  action   = iptables[name=sasl, port=smtp, protocol=tcp]
24             sendmail-whois[name=sasl, dest=you@example.com]
25 -logpath  = /var/log/mail.log
26 +logpath  = /var/log/maillog
27  
28  
29  # ASSP SMTP Proxy Jail
30 @@ -117,7 +117,7 @@
31  action      = hostsdeny[daemon_list=sshd]
32                sendmail-whois[name=SSH, dest=you@example.com]
33  ignoreregex = for myuser from
34 -logpath     = /var/log/sshd.log
35 +logpath     = /var/log/secure
36  
37  
38  # Here we use blackhole routes for not requiring any additional kernel support
39 @@ -127,7 +127,7 @@
40  enabled  = false
41  filter   = sshd
42  action   = route
43 -logpath  = /var/log/sshd.log
44 +logpath  = /var/log/secure
45  maxretry = 5
46  
47  
48 @@ -141,7 +141,7 @@
49  enabled  = false
50  filter   = sshd
51  action   = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
52 -logpath  = /var/log/sshd.log
53 +logpath  = /var/log/secure
54  maxretry = 5
55  
56  
57 @@ -150,7 +150,7 @@
58  enabled  = false
59  filter   = sshd
60  action   = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
61 -logpath  = /var/log/sshd.log
62 +logpath  = /var/log/secure
63  maxretry = 5
64  
65  
66 @@ -176,7 +176,7 @@
67  enabled  = false
68  filter  = apache-auth
69  action   = hostsdeny
70 -logpath  = /var/log/apache*/*error.log
71 +logpath  = /var/log/httpd/*error_log
72             /home/www/myhomepage/error.log
73  maxretry = 6
74  
75 @@ -197,7 +197,7 @@
76  filter   = postfix
77  action   = hostsdeny[file=/not/a/standard/path/hosts.deny]
78             sendmail[name=Postfix, dest=you@example.com]
79 -logpath  = /var/log/postfix.log
80 +logpath  = /var/log/maillog
81  bantime  = 300
82  
83  
84 @@ -233,7 +233,7 @@
85  filter   = apache-badbots
86  action   = iptables-multiport[name=BadBots, port="http,https"]
87             sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
88 -logpath  = /var/www/*/logs/access_log
89 +logpath  = /var/log/httpd/*access_log
90  bantime  = 172800
91  maxretry = 1
92  
93 @@ -245,7 +245,7 @@
94  filter   = apache-noscript
95  action   = shorewall
96             sendmail[name=Postfix, dest=you@example.com]
97 -logpath  = /var/log/apache2/error_log
98 +logpath  = /var/log/httpd/error_log
99  
100  
101  # Monitor roundcube server
102 @@ -276,7 +276,7 @@
103  enabled  = false
104  action   = iptables-multiport[name=php-url-open, port="http,https"]
105  filter   = php-url-fopen
106 -logpath  = /var/www/*/logs/access_log
107 +logpath  = /var/log/httpd/*access_log
108  maxretry = 1
109  
110  
111 @@ -341,7 +341,7 @@
112  filter   = named-refused
113  action   = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
114             sendmail-whois[name=Named, dest=you@example.com]
115 -logpath  = /var/log/named/security.log
116 +logpath  = /var/log/named/named.log
117  ignoreip = 168.192.0.1
118  
119  
120 @@ -385,7 +385,7 @@
121  filter   = mysqld-auth
122  action   = iptables[name=mysql, port=3306, protocol=tcp]
123             sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com]
124 -logpath  = /var/log/mysqld.log
125 +logpath  = /var/log/mysql/mysqld.log
126  maxretry = 5
127  
128  
129 @@ -394,7 +394,7 @@
130  enabled  = false
131  filter   = mysqld-auth
132  action   = iptables[name=mysql, port=3306, protocol=tcp]
133 -logpath  = /var/log/daemon.log
134 +logpath  = /var/log/mysql/mysqld.log
135  maxretry = 5
136  
137  
138 @@ -438,7 +438,7 @@
139  enabled = false
140  filter  = exim
141  action  = iptables-multiport[name=exim,port="25,465,587"]
142 -logpath = /var/log/exim/mainlog
143 +logpath = /var/log/exim/main.log
144  
145  
146  [exim-spam]
147 @@ -446,7 +446,7 @@
148  enabled = false
149  filter  = exim-spam
150  action  = iptables-multiport[name=exim-spam,port="25,465,587"]
151 -logpath = /var/log/exim/mainlog
152 +logpath = /var/log/exim/main.log
153  
154  
155  [perdition]
156 @@ -497,7 +497,7 @@
157  enabled = false
158  filter  = webmin-auth
159  action  = iptables-multiport[name=webmin,port="10000"]
160 -logpath = /var/log/auth.log
161 +logpath = /var/log/secure
162  
163  
164  # dovecot defaults to logging to the mail syslog facility
165 @@ -507,7 +507,7 @@
166  enabled = false
167  filter  = dovecot
168  action  = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp]
169 -logpath = /var/log/mail.log
170 +logpath = /var/log/maillog
171  
172  
173  [dovecot-auth]
Ban IPs that make too many password failures
This page took 0.056473 seconds and 3 git commands to generate.