Index: jail.conf
===================================================================
--- config/jail.conf 2014-03-15 08:49:54.000000000 +0100
+++ config/jail.conf 2014-04-08 19:42:38.005436901 +0200
@@ -97,8 +97,7 @@
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
-logpath = /var/log/sshd.log
-maxretry = 5
+logpath = /var/log/auth.log
[ssh-ddos]
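Review bot: Removing `maxretry = 5` from this jail (the deleted line just above `[ssh-ddos]`) leaves the ban threshold to whatever `[DEFAULT]` sets, which is outside the patch, so the number of failed logins tolerated before a ban changes without the patch saying so. The same removal happens in the `action = route`, `iptables-ipset-proto4` and `iptables-ipset-proto6` hunks, while the `sshd-ddos` and `blocklist_de` jails keep explicit values. If inheriting the default is intended, I would record it next to the new logpath with a comment such as `# maxretry: inherited from [DEFAULT]`; otherwise keep `maxretry = 5` in place. The jail's section header lies above the hunk.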
@@ -106,7 +105,7 @@
enabled = false
filter = sshd-ddos
action = iptables[name=SSHDDOS, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
+logpath = /var/log/auth.log
maxretry = 2
@@ -202,7 +201,7 @@
action = hostsdeny[daemon_list=sshd]
sendmail-whois[name=SSH, dest=you@example.com]
ignoreregex = for myuser from
-logpath = /var/log/sshd.log
+logpath = /var/log/auth.log
# Here we use blackhole routes for not requiring any additional kernel support
@@ -212,8 +211,7 @@
enabled = false
filter = sshd
action = route
-logpath = /var/log/sshd.log
-maxretry = 5
+logpath = /var/log/auth.log
# Here we use a combination of Netfilter/Iptables and IPsets
@@ -226,8 +224,7 @@
enabled = false
filter = sshd
action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
-maxretry = 5
+logpath = /var/log/auth.log
[ssh-iptables-ipset6]
@@ -235,23 +232,7 @@
enabled = false
filter = sshd
action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
-logpath = /var/log/sshd.log
-maxretry = 5
-
-
-# bsd-ipfw is ipfw used by BSD. It uses ipfw tables.
-# table number must be unique.
-#
-# This will create a deny rule for that table ONLY if a rule
-# for the table doesn't ready exist.
-#
-[ssh-bsd-ipfw]
-
-enabled = false
-filter = sshd
-action = bsd-ipfw[port=ssh,table=1]
logpath = /var/log/auth.log
-maxretry = 5
# This jail demonstrates the use of wildcards in "logpath".
@@ -261,8 +242,7 @@
enabled = false
filter = apache-auth
action = hostsdeny
-logpath = /var/log/apache*/*error.log
- /home/www/myhomepage/error.log
+logpath = /var/log/httpd/*error_log
maxretry = 6
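Review bot: The single glob `/var/log/httpd/*error_log` replaces a two-entry logpath, so any error log written outside /var/log/httpd (a per-site directory like the removed `/home/www/myhomepage/error.log`) is no longer read and authentication failures logged there never reach the filter. The same substitution is made in the apache-modsecurity, apache-overflows and apache-nohome hunks. The comment closing the previous hunk still presents this jail as the wildcard example, but the continuation-line form it used to show is gone. I would add a line above the new logpath such as `# list further log files on indented continuation lines if virtual hosts log outside /var/log/httpd`. The jail header is outside the hunk.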
@@ -271,8 +251,7 @@
enabled = false
filter = apache-modsecurity
action = iptables-multiport[name=apache-modsecurity,port="80,443"]
-logpath = /var/log/apache*/*error.log
- /home/www/myhomepage/error.log
+logpath = /var/log/httpd/*error_log
maxretry = 2
@@ -281,8 +260,7 @@
enabled = false
filter = apache-overflows
action = iptables-multiport[name=apache-overflows,port="80,443"]
-logpath = /var/log/apache*/*error.log
- /home/www/myhomepage/error.log
+logpath = /var/log/httpd/*error_log
maxretry = 2
@@ -291,8 +269,7 @@
enabled = false
filter = apache-nohome
action = iptables-multiport[name=apache-nohome,port="80,443"]
-logpath = /var/log/apache*/*error.log
- /home/www/myhomepage/error.log
+logpath = /var/log/httpd/*error_log
maxretry = 2
@@ -396,7 +373,7 @@
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/httpd/*access_log
bantime = 172800
maxretry = 1
@@ -408,7 +385,7 @@
filter = apache-noscript
action = shorewall
sendmail[name=Postfix, dest=you@example.com]
-logpath = /var/log/apache2/error_log
+logpath = /var/log/httpd/*error_log
# Monitor roundcube server
@@ -631,16 +608,6 @@
maxretry = 5
-# PF is a BSD based firewall
-[ssh-pf]
-
-enabled = false
-filter = sshd
-action = pf
-logpath = /var/log/sshd.log
-maxretry = 5
-
-
[3proxy]
enabled = false
@@ -681,15 +648,6 @@
logpath = /var/log/maillog
-[osx-ssh-ipfw]
-
-enabled = false
-filter = sshd
-action = osx-ipfw
-logpath = /var/log/secure.log
-maxretry = 5
-
-
[ssh-apf]
enabled = false
@@ -699,15 +657,6 @@
maxretry = 5
-[osx-ssh-afctl]
-
-enabled = false
-filter = sshd
-action = osx-afctl[bantime=600]
-logpath = /var/log/secure.log
-maxretry = 5
-
-
[webmin-auth]
enabled = false
@@ -761,7 +710,7 @@
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
blocklist_de[email="fail2ban@example.com", apikey="xxxxxx", service=%(filter)s]
-logpath = /var/log/sshd.log
+logpath = /var/log/auth.log
maxretry = 20