+++ /dev/null
-changelog.Debian
\ No newline at end of file
+fail2ban-cn (0.8.5) stable; urgency=low
+
+ * nova Dovecot pravila
+ * paljenje SASL, ProFTPd i Vsftpd monitora
+
+ -- Dinko Korunic <kreator@carnet.hr> Sun, 24 Apr 2011 16:34:38 +0200
+
+fail2ban-cn (0.8.4) stable; urgency=low
+
+ * upgrade paketa za Debian Squeeze
+ * lintian fixevi
+ * dodavanje copyrighta, micanje changelog.CARNet
+
+ -- Dinko Korunic <kreator@carnet.hr> Sun, 23 Apr 2011 15:33:35 +0200
+
fail2ban-cn (0.8.3-2lenny1) stable; urgency=low
* Upgrade paketa za Debian Lenny
Section: net
Priority: optional
Maintainer: Dinko Korunic <kreator@CARNet.hr>
-Build-Depends: debhelper (>= 4)
-Standards-Version: 3.7.2
+Build-Depends: debhelper (>= 7)
+Standards-Version: 3.9.1
Package: fail2ban-cn
Architecture: all
-Depends: fail2ban (>= 0.8.3-2sid1)
+Depends: fail2ban (>= 0.8.4-3), python-gamin (>= 0.1.10-2+b1), ${misc:Depends}
Description: bans IPs that cause multiple authentication errors
Monitors log files (e.g. /var/log/auth.log,
/var/log/apache/access.log) and temporarily or persistently bans
--- /dev/null
+Copyright 2011 CARNet
+
+You are free to distribute this software package under the terms of the
+GNU General Public License.
+
+On Debian systems, the complete text of the GNU General Public
+License can be found in the file /usr/share/common-licenses/GPL.
-changelog.CARNet
README.CARNet
--- /dev/null
+dovecot.conf etc/fail2ban/filter.d
CONF=/etc/fail2ban/jail.conf
if [ -e "$CONF" ]; then
- # enable ssh and pam-generic services
- perl -ne 'if (/\[(ssh|pam-generic)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+ # enable ssh, pam-generic, sasl, proftpd and vsftpd service
+ perl -ne 'if (/\[(ssh|pam-generic|sasl|proftpd|vsftpd)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
cp_mv "$CONF.$$" "$CONF"
rm -f "$CONF.$$"
+ # enable dovecot service
+ cp-update fail2ban-cn "$CONF.$$" <<EOF
+[dovecot]
+
+enabled = true
+port = 110,143
+protocol = tcp
+filter = dovecot
+logpath = /var/log/mail.log
+EOF
+ cp_mv "$CONF.$$" "$CONF"
+
# add network address and class if needed
cp_get_netaddr || true
NETADDR="$RET"
#!/usr/bin/make -f
-# Sample debian/rules that uses debhelper.
-# This file is public domain software, originally written by Joey Hess.
-#
-# This version is for packages that are architecture independent.
-
-# Uncomment this to turn on verbose mode.
-#export DH_VERBOSE=1
-
-build: build-stamp
-build-stamp:
- dh_testdir
-
- # Add here commands to compile the package.
- #$(MAKE)
-
- touch build-stamp
-
-clean:
- dh_testdir
- dh_testroot
- rm -f build-stamp
-
- # Add here commands to clean up after the build process.
- #-$(MAKE) clean
- #-$(MAKE) distclean
-
- dh_clean
-
-install: build
- dh_testdir
- dh_testroot
- dh_clean -k
- dh_installdirs
-
- # Add here commands to install the package into debian/<packagename>.
- #$(MAKE) prefix=`pwd`/debian/`dh_listpackages`/usr install
-
-# Build architecture-independent files here.
-binary-indep: build install
- dh_testdir
- dh_testroot
- dh_installchangelogs
- dh_installdocs
-# dh_installexamples
-# dh_installmenu
-# dh_installdebconf
-# dh_installlogrotate
-# dh_installemacsen
-# dh_installcatalogs
-# dh_installpam
-# dh_installmime
-# dh_installinit
-# dh_installcron
-# dh_installinfo
-# dh_undocumented
- dh_installman
- dh_link
- dh_compress
- dh_fixperms
-# dh_perl
-# dh_python
- dh_installdeb
- dh_gencontrol
- dh_md5sums
- dh_builddeb
-
-# Build architecture-dependent files here.
-binary-arch: build install
-# We have nothing to do by default.
-
-binary: binary-indep binary-arch
-.PHONY: build clean binary-indep binary-arch binary install
+%:
+ dh $@
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: CARNet grupa za pakete
+
+[Definition]
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+# host must be matched by a group named "host". The tag "<HOST>" can
+# be used for standard IP/hostname matching and is only an alias for
+# (?:::f{4,6}:)?(?P<host>\S+)
+# Values: TEXT
+#
+#failregex = dovecot.*auth\(default\): pam\(.*,<HOST>\): pam_authenticate\(\) failed:
+failregex = (?: pop3-login|imap-login): (?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.*
+
+# Option: ignoreregex
+# Notes.: regex to ignore. If this regex matches, the line is ignored.
+# Values: TEXT
+#
+ignoreregex =
projects / fail2ban-cn.git / commitdiff