From 724df8088b10f0957457b152fe4adfe36d63cdbb Mon Sep 17 00:00:00 2001 From: Dinko Korunic Date: Sun, 24 Apr 2011 17:02:27 +0200 Subject: [PATCH] - lintian fixevi - nova dovecot pravila - paljenje sasl, proftpd i vsftpd monitora - copyright - micanje changelog.carnet --- changelog.CARNet | 1 - debian/changelog | 15 +++++++++++ debian/compat | 2 +- debian/control | 6 ++--- debian/copyright | 7 ++++++ debian/docs | 1 - debian/install | 1 + debian/postinst | 16 ++++++++++-- debian/rules | 74 ++---------------------------------------------------- dovecot.conf | 21 ++++++++++++++++ 10 files changed, 64 insertions(+), 80 deletions(-) delete mode 120000 changelog.CARNet create mode 100644 debian/copyright create mode 100644 debian/install create mode 100644 dovecot.conf diff --git a/changelog.CARNet b/changelog.CARNet deleted file mode 120000 index 194579e..0000000 --- a/changelog.CARNet +++ /dev/null @@ -1 +0,0 @@ -changelog.Debian \ No newline at end of file diff --git a/debian/changelog b/debian/changelog index eead1bd..6ee9850 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,18 @@ +fail2ban-cn (0.8.5) stable; urgency=low + + * nova Dovecot pravila + * paljenje SASL, ProFTPd i Vsftpd monitora + + -- Dinko Korunic Sun, 24 Apr 2011 16:34:38 +0200 + +fail2ban-cn (0.8.4) stable; urgency=low + + * upgrade paketa za Debian Squeeze + * lintian fixevi + * dodavanje copyrighta, micanje changelog.CARNet + + -- Dinko Korunic Sun, 23 Apr 2011 15:33:35 +0200 + fail2ban-cn (0.8.3-2lenny1) stable; urgency=low * Upgrade paketa za Debian Lenny diff --git a/debian/compat b/debian/compat index b8626c4..7f8f011 100644 --- a/debian/compat +++ b/debian/compat @@ -1 +1 @@ -4 +7 diff --git a/debian/control b/debian/control index 1e2987b..27b68f1 100644 --- a/debian/control +++ b/debian/control @@ -2,12 +2,12 @@ Source: fail2ban-cn Section: net Priority: optional Maintainer: Dinko Korunic -Build-Depends: debhelper (>= 4) -Standards-Version: 3.7.2 +Build-Depends: debhelper (>= 7) +Standards-Version: 3.9.1 Package: fail2ban-cn Architecture: all -Depends: fail2ban (>= 0.8.3-2sid1) +Depends: fail2ban (>= 0.8.4-3), python-gamin (>= 0.1.10-2+b1), ${misc:Depends} Description: bans IPs that cause multiple authentication errors Monitors log files (e.g. /var/log/auth.log, /var/log/apache/access.log) and temporarily or persistently bans diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..5350ae7 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,7 @@ +Copyright 2011 CARNet + +You are free to distribute this software package under the terms of the +GNU General Public License. + +On Debian systems, the complete text of the GNU General Public +License can be found in the file /usr/share/common-licenses/GPL. diff --git a/debian/docs b/debian/docs index ef5ce6c..8f6e250 100644 --- a/debian/docs +++ b/debian/docs @@ -1,2 +1 @@ -changelog.CARNet README.CARNet diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..e124ce9 --- /dev/null +++ b/debian/install @@ -0,0 +1 @@ +dovecot.conf etc/fail2ban/filter.d diff --git a/debian/postinst b/debian/postinst index 9bd5843..ea2b57b 100755 --- a/debian/postinst +++ b/debian/postinst @@ -33,11 +33,23 @@ esac CONF=/etc/fail2ban/jail.conf if [ -e "$CONF" ]; then - # enable ssh and pam-generic services - perl -ne 'if (/\[(ssh|pam-generic)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \ + # enable ssh, pam-generic, sasl, proftpd and vsftpd service + perl -ne 'if (/\[(ssh|pam-generic|sasl|proftpd|vsftpd)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \ cp_mv "$CONF.$$" "$CONF" rm -f "$CONF.$$" + # enable dovecot service + cp-update fail2ban-cn "$CONF.$$" <. - #$(MAKE) prefix=`pwd`/debian/`dh_listpackages`/usr install - -# Build architecture-independent files here. -binary-indep: build install - dh_testdir - dh_testroot - dh_installchangelogs - dh_installdocs -# dh_installexamples -# dh_installmenu -# dh_installdebconf -# dh_installlogrotate -# dh_installemacsen -# dh_installcatalogs -# dh_installpam -# dh_installmime -# dh_installinit -# dh_installcron -# dh_installinfo -# dh_undocumented - dh_installman - dh_link - dh_compress - dh_fixperms -# dh_perl -# dh_python - dh_installdeb - dh_gencontrol - dh_md5sums - dh_builddeb - -# Build architecture-dependent files here. -binary-arch: build install -# We have nothing to do by default. - -binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install +%: + dh $@ diff --git a/dovecot.conf b/dovecot.conf new file mode 100644 index 0000000..d3bd851 --- /dev/null +++ b/dovecot.conf @@ -0,0 +1,21 @@ +# Fail2Ban configuration file +# +# Author: CARNet grupa za pakete + +[Definition] + +# Option: failregex +# Notes.: regex to match the password failures messages in the logfile. The +# host must be matched by a group named "host". The tag "" can +# be used for standard IP/hostname matching and is only an alias for +# (?:::f{4,6}:)?(?P\S+) +# Values: TEXT +# +#failregex = dovecot.*auth\(default\): pam\(.*,\): pam_authenticate\(\) failed: +failregex = (?: pop3-login|imap-login): (?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P\S*),.* + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +ignoreregex = -- 1.7.10.4