From: Jan Rękorajski
Date: Mon, 6 Jan 2014 20:02:36 +0000 (+0100)
Subject: - use our paths to logfiles
X-Git-Tag: auto/th/fail2ban-0.8.11-3~1
X-Git-Url: http://git.pld-linux.org/?p=packages%2Ffail2ban.git;a=commitdiff_plain;h=8ea7a6c873f5a91cd5206075937c132484facf64

- use our paths to logfiles
---

diff --git a/fail2ban.spec b/fail2ban.spec
index 2efe850..8a02e71 100644
--- a/fail2ban.spec
+++ b/fail2ban.spec
@@ -11,6 +11,7 @@ Source1: %{name}.init
 Source2: %{name}.logrotate
 Patch0: ipv6.patch
 Patch1: private-scriptdir.patch
+Patch2: logifiles.patch
 URL: http://fail2ban.sourceforge.net/
 BuildRequires: python-devel
 BuildRequires: python-modules
@@ -41,6 +42,7 @@ z sshd czy plikami logów serwera WWW Apache.
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 rm setup.cfg
 
 # we don't want very generic named dirs directly in py_sitescriptdir
diff --git a/logifiles.patch b/logifiles.patch
new file mode 100644
index 0000000..78060b9
--- /dev/null
+++ b/logifiles.patch
@@ -0,0 +1,173 @@
+--- fail2ban-0.8.11/config/jail.conf.orig 2014-01-06 20:44:20.948073144 +0100
++++ fail2ban-0.8.11/config/jail.conf 2014-01-06 20:52:15.888069706 +0100
+@@ -75,7 +75,7 @@
+ filter = sshd
+ action = iptables[name=SSH, port=ssh, protocol=tcp]
+ sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ maxretry = 5
+ 
+ [proftpd-iptables]
+@@ -84,7 +84,7 @@
+ filter = proftpd
+ action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
+ sendmail-whois[name=ProFTPD, dest=you@example.com]
+-logpath = /var/log/proftpd/proftpd.log
++logpath = /var/log/secure
+ maxretry = 6
+ 
+ 
+@@ -96,7 +96,7 @@
+ backend = polling
+ action = iptables[name=sasl, port=smtp, protocol=tcp]
+ sendmail-whois[name=sasl, dest=you@example.com]
+-logpath = /var/log/mail.log
++logpath = /var/log/maillog
+ 
+ 
+ # ASSP SMTP Proxy Jail
+@@ -117,7 +117,7 @@
+ action = hostsdeny[daemon_list=sshd]
+ sendmail-whois[name=SSH, dest=you@example.com]
+ ignoreregex = for myuser from
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ 
+ 
+ # Here we use blackhole routes for not requiring any additional kernel support
+@@ -127,7 +127,7 @@
+ enabled = false
+ filter = sshd
+ action = route
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ maxretry = 5
+ 
+ 
+@@ -141,7 +141,7 @@
+ enabled = false
+ filter = sshd
+ action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ maxretry = 5
+ 
+ 
+@@ -150,7 +150,7 @@
+ enabled = false
+ filter = sshd
+ action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
+-logpath = /var/log/sshd.log
++logpath = /var/log/secure
+ maxretry = 5
+ 
+ 
+@@ -176,7 +176,7 @@
+ enabled = false
+ filter = apache-auth
+ action = hostsdeny
+-logpath = /var/log/apache*/*error.log
++logpath = /var/log/httpd/*error_log
+ /home/www/myhomepage/error.log
+ maxretry = 6
+ 
+@@ -197,7 +197,7 @@
+ filter = postfix
+ action = hostsdeny[file=/not/a/standard/path/hosts.deny]
+ sendmail[name=Postfix, dest=you@example.com]
+-logpath = /var/log/postfix.log
++logpath = /var/log/maillog
+ bantime = 300
+ 
+ 
+@@ -233,7 +233,7 @@
+ filter = apache-badbots
+ action = iptables-multiport[name=BadBots, port="http,https"]
+ sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
+-logpath = /var/www/*/logs/access_log
++logpath = /var/log/httpd/*access_log
+ bantime = 172800
+ maxretry = 1
+ 
+@@ -245,7 +245,7 @@
+ filter = apache-noscript
+ action = shorewall
+ sendmail[name=Postfix, dest=you@example.com]
+-logpath = /var/log/apache2/error_log
++logpath = /var/log/httpd/error_log
+ 
+ 
+ # Monitor roundcube server
+@@ -276,7 +276,7 @@
+ enabled = false
+ action = iptables-multiport[name=php-url-open, port="http,https"]
+ filter = php-url-fopen
+-logpath = /var/www/*/logs/access_log
++logpath = /var/log/httpd/*access_log
+ maxretry = 1
+ 
+ 
+@@ -341,7 +341,7 @@
+ filter = named-refused
+ action = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
+ sendmail-whois[name=Named, dest=you@example.com]
+-logpath = /var/log/named/security.log
++logpath = /var/log/named/named.log
+ ignoreip = 168.192.0.1
+ 
+ 
+@@ -385,7 +385,7 @@
+ filter = mysqld-auth
+ action = iptables[name=mysql, port=3306, protocol=tcp]
+ sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com]
+-logpath = /var/log/mysqld.log
++logpath = /var/log/mysql/mysqld.log
+ maxretry = 5
+ 
+ 
+@@ -394,7 +394,7 @@
+ enabled = false
+ filter = mysqld-auth
+ action = iptables[name=mysql, port=3306, protocol=tcp]
+-logpath = /var/log/daemon.log
++logpath = /var/log/mysql/mysqld.log
+ maxretry = 5
+ 
+ 
+@@ -438,7 +438,7 @@
+ enabled = false
+ filter = exim
+ action = iptables-multiport[name=exim,port="25,465,587"]
+-logpath = /var/log/exim/mainlog
++logpath = /var/log/exim/main.log
+ 
+ 
+ [exim-spam]
+@@ -446,7 +446,7 @@
+ enabled = false
+ filter = exim-spam
+ action = iptables-multiport[name=exim-spam,port="25,465,587"]
+-logpath = /var/log/exim/mainlog
++logpath = /var/log/exim/main.log
+ 
+ 
+ [perdition]
+@@ -497,7 +497,7 @@
+ enabled = false
+ filter = webmin-auth
+ action = iptables-multiport[name=webmin,port="10000"]
+-logpath = /var/log/auth.log
++logpath = /var/log/secure
+ 
+ 
+ # dovecot defaults to logging to the mail syslog facility
+@@ -507,7 +507,7 @@
+ enabled = false
+ filter = dovecot
+ action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,smtps,sieve", protocol=tcp]
+-logpath = /var/log/mail.log
++logpath = /var/log/maillog
+ 
+ 
+ [dovecot-auth]
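Review bot: The apache-noscript jail (inner hunk at -245) gets the single file `/var/log/httpd/error_log`, while the apache-auth hunk at -176 gets the glob `/var/log/httpd/*error_log`, so error logs with a prefix in that directory would be read by one jail and not the other; `logpath = /var/log/httpd/*error_log` in the -245 hunk would make them agree. The two `filter = mysqld-auth` jails (-385 and -394) previously read different files (`/var/log/mysqld.log` and `/var/log/daemon.log`) and now both read `/var/log/mysql/mysqld.log`; if the second is the syslog variant, which the old path suggests, it no longer watches a syslog file and merely duplicates the first. A jail that reads a file its daemon never writes to produces no bans, so each new path should be checked against the packaged daemon's logging configuration. The jail section headers lie outside the inner hunks' context, so the jail names here are inferred from the `filter` lines.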