rpms / fail2ban

Clone
Source Code
GIT

Blame fail2ban-logfiles.patch

el4 el5 el6 epel7 epel8 epel8-playground epel9 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   8cded8185094dc868feba424c040f64063d6ca38
  2.   fail2ban-logfiles.patch
Blob History Raw
Orion Poplawski b5e668e 
diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/config/jail.conf
Orion Poplawski b5e668e 
--- fail2ban-0.9-d529151/config/jail.conf.logfiles	2013-07-28 03:43:54.000000000 -0600
Orion Poplawski b5e668e 
+++ fail2ban-0.9-d529151/config/jail.conf	2013-08-08 21:23:41.785950007 -0600
Orion Poplawski b5e668e 
@@ -152,20 +152,18 @@ action = %(action_)s
Orion Poplawski b5e668e 
 [sshd]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port    = ssh
Orion Poplawski b5e668e 
-logpath = /var/log/auth.log
Orion Poplawski b5e668e 
-          /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [sshd-ddos]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port    = ssh
Orion Poplawski b5e668e 
-logpath = /var/log/auth.log
Orion Poplawski b5e668e 
-          /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [dropbear]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = ssh
Orion Poplawski b5e668e 
 filter   = sshd
Orion Poplawski b5e668e 
-logpath  = /var/log/dropbear
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # Generic filter for PAM. Has to be used with action which bans all
Orion Poplawski b5e668e 
@@ -175,12 +173,12 @@ logpath  = /var/log/dropbear
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # pam-generic filter can be customized to monitor specific subset of 'tty's
Orion Poplawski b5e668e 
 banaction = iptables-allports
Orion Poplawski b5e668e 
-logpath  = /var/log/auth.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [xinetd-fail]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 banaction = iptables-multiport-log
Orion Poplawski b5e668e 
-logpath   = /var/log/daemon.log
Orion Poplawski b5e668e 
+logpath   = /var/log/messages
Orion Poplawski b5e668e 
 maxretry  = 2
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # .. custom jails
Orion Poplawski b5e668e 
@@ -201,7 +199,7 @@ filter      = sshd
Orion Poplawski b5e668e 
 action      = hostsdeny[daemon_list=sshd]
Orion Poplawski b5e668e 
               sendmail-whois[name=SSH, dest=you@example.com]
Orion Poplawski b5e668e 
 ignoreregex = for myuser from
Orion Poplawski b5e668e 
-logpath     = /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath     = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # Here we use blackhole routes for not requiring any additional kernel support
Orion Poplawski b5e668e 
 # to store large volumes of banned IPs
Orion Poplawski b5e668e 
@@ -210,7 +208,7 @@ logpath     = /var/log/sshd.log
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 filter = sshd
Orion Poplawski b5e668e 
 action = route
Orion Poplawski b5e668e 
-logpath = /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # Here we use a combination of Netfilter/Iptables and IPsets
Orion Poplawski b5e668e 
 # for storing large volumes of banned IPs
Orion Poplawski b5e668e 
@@ -221,13 +219,13 @@ logpath = /var/log/sshd.log
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 filter   = sshd
Orion Poplawski b5e668e 
 action   = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
Orion Poplawski b5e668e 
-logpath  = /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [sshd-iptables-ipset6]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 filter   = sshd
Orion Poplawski b5e668e 
 action   = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
Orion Poplawski b5e668e 
-logpath  = /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # This jail uses ipfw, the standard firewall on FreeBSD. The "ignoreip"
Orion Poplawski b5e668e 
 # option is overridden in this jail. Moreover, the action "mail-whois" defines
Orion Poplawski b5e668e 
@@ -238,7 +236,7 @@ logpath  = /var/log/sshd.log
Orion Poplawski b5e668e 
 filter   = sshd
Orion Poplawski b5e668e 
 action   = ipfw[localhost=192.168.0.1]
Orion Poplawski b5e668e 
            sendmail-whois[name="SSH,IPFW", dest=you@example.com]
Orion Poplawski b5e668e 
-logpath  = /var/log/auth.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e 
 ignoreip = 168.192.0.1
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # bsd-ipfw is ipfw used by BSD. It uses ipfw tables.
Orion Poplawski b5e668e 
@@ -250,7 +248,7 @@ ignoreip = 168.192.0.1
Orion Poplawski b5e668e 
 [ssh-bsd-ipfw]
Orion Poplawski b5e668e 
 filter   = sshd
Orion Poplawski b5e668e 
 action   = bsd-ipfw[port=ssh,table=1]
Orion Poplawski b5e668e 
-logpath  = /var/log/auth.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 #
Orion Poplawski b5e668e 
 # HTTP servers
Orion Poplawski b5e668e 
@@ -259,7 +257,7 @@ logpath  = /var/log/auth.log
Orion Poplawski b5e668e 
 [apache-auth]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = http,https
Orion Poplawski b5e668e 
-logpath  = /var/log/apache*/*error.log
Orion Poplawski b5e668e 
+logpath  = /var/log/httpd/*error_log
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # Ban hosts which agent identifies spammer robots crawling the web
Orion Poplawski b5e668e 
 # for email addresses. The mail outputs are buffered.
Orion Poplawski b5e668e 
@@ -267,21 +265,20 @@ logpath  = /var/log/apache*/*error.log
Orion Poplawski b5e668e 
 [apache-badbots]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = http,https
Orion Poplawski b5e668e 
-logpath  = /var/log/apache*/*access.log
Orion Poplawski b5e668e 
-		   /var/www/*/logs/access_log
Orion Poplawski b5e668e 
+logpath  = /var/log/httpd/*access_log
Orion Poplawski b5e668e 
 bantime  = 172800
Orion Poplawski b5e668e 
 maxretry = 1
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [apache-noscript]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = http,https
Orion Poplawski b5e668e 
-logpath  = /var/log/apache*/*error.log
Orion Poplawski b5e668e 
+logpath  = /var/log/httpd/*error_log
Orion Poplawski b5e668e 
 maxretry = 6
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [apache-overflows]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = http,https
Orion Poplawski b5e668e 
-logpath  = /var/log/apache*/*error.log
Orion Poplawski b5e668e 
+logpath  = /var/log/httpd/*error_log
Orion Poplawski b5e668e 
 maxretry = 2
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # Ban attackers that try to use PHP's URL-fopen() functionality
Orion Poplawski b5e668e 
@@ -291,7 +288,7 @@ maxretry = 2
Orion Poplawski b5e668e 
 [php-url-fopen]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port    = http,https
Orion Poplawski b5e668e 
-logpath = /var/www/*/logs/access_log
Orion Poplawski b5e668e 
+logpath = /var/log/httpd/*access_log
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # A simple PHP-fastcgi jail which works with lighttpd.
Orion Poplawski b5e668e 
 # If you run a lighttpd server, then you probably will
Orion Poplawski b5e668e 
@@ -330,7 +327,7 @@ logpath  = /var/log/sogo/sogo.log
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 filter	 = apache-auth
Orion Poplawski b5e668e 
 action   = hostsdeny
Orion Poplawski b5e668e 
-logpath  = /var/log/apache*/*error.log
Orion Poplawski b5e668e 
+logpath  = /var/log/httpd/*error_log
Orion Poplawski b5e668e 
 maxretry = 6
Orion Poplawski b5e668e
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
@@ -347,7 +344,7 @@ logpath  = /var/log/proftpd/proftpd.log
Orion Poplawski b5e668e 
 [pure-ftpd]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = ftp,ftp-data,ftps,ftps-data
Orion Poplawski b5e668e 
-logpath  = /var/log/auth.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e 
 maxretry = 6
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [vsftpd]
Orion Poplawski b5e668e 
@@ -355,7 +352,7 @@ maxretry = 6
Orion Poplawski b5e668e 
 port     = ftp,ftp-data,ftps,ftps-data
Orion Poplawski b5e668e 
 logpath  = /var/log/vsftpd.log
Orion Poplawski b5e668e 
 # or overwrite it in jails.local to be
Orion Poplawski b5e668e 
-# logpath = /var/log/auth.log
Orion Poplawski b5e668e 
+# logpath = /var/log/secure
Orion Poplawski b5e668e 
 # if you want to rely on PAM failed login attempts
Orion Poplawski b5e668e 
 # vsftpd's failregex should match both of those formats
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
@@ -384,12 +381,12 @@ maxretry = 6
Orion Poplawski b5e668e 
 [courier-smtp]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = smtp,ssmtp,submission
Orion Poplawski b5e668e 
-logpath  = /var/log/mail.log
Orion Poplawski b5e668e 
+logpath  = /var/log/maillog
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [postfix]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = smtp,ssmtp,submission
Orion Poplawski b5e668e 
-logpath  = /var/log/mail.log
Orion Poplawski b5e668e 
+logpath  = /var/log/maillog
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 # The hosts.deny path can be defined with the "file" argument if it is
Orion Poplawski b5e668e 
 # not in /etc.
Orion Poplawski b5e668e 
@@ -410,7 +407,7 @@ bantime  = 300
Orion Poplawski b5e668e 
 [courier-auth]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port     = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
Orion Poplawski b5e668e 
-logpath  = /var/log/mail.log
Orion Poplawski b5e668e 
+logpath  = /var/log/maillog
Orion Poplawski b5e668e
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [sasl]
Orion Poplawski b5e668e 
@@ -419,12 +416,12 @@ port     = smtp,ssmtp,submission,imap2,i
Orion Poplawski b5e668e 
 # You might consider monitoring /var/log/mail.warn instead if you are
Orion Poplawski b5e668e 
 # running postfix since it would provide the same log lines at the
Orion Poplawski b5e668e 
 # "warn" level but overall at the smaller filesize.
Orion Poplawski b5e668e 
-logpath  = /var/log/mail.log
Orion Poplawski b5e668e 
+logpath  = /var/log/maillog
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [dovecot]
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 port    = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
Orion Poplawski b5e668e 
-logpath = /var/log/mail.log
Orion Poplawski b5e668e 
+logpath = /var/log/maillog
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 #
Orion Poplawski b5e668e 
 # DNS servers
Orion Poplawski b5e668e 
@@ -519,7 +516,7 @@ maxretry = 5
Orion Poplawski b5e668e 
 enabled=false
Orion Poplawski b5e668e 
 filter = sshd
Orion Poplawski b5e668e 
 action = pf
Orion Poplawski b5e668e 
-logpath  = /var/log/sshd.log
Orion Poplawski b5e668e 
+logpath  = /var/log/secure
Orion Poplawski b5e668e 
 maxretry=5
Orion Poplawski b5e668e
Orion Poplawski b5e668e 
 [3proxy]
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.