Add fail2ban filters for munin and postfix submission

This commit is contained in:
Michael Kroes 2016-03-28 16:10:52 +02:00
parent eb79e94959
commit 710ad87602
4 changed files with 32 additions and 0 deletions

View File

@ -48,6 +48,22 @@ logpath = /home/user-data/owncloud/owncloud.log
maxretry = 20 maxretry = 20
findtime = 30 findtime = 30
[munin]
enabled = true
port = http,https
filter = munin
logpath = /var/log/nginx/access.log
maxretry = 20
findtime = 30
[postfix-submission]
enabled = true
port = 587
filter = postfix-submission
logpath = /var/log/mail.log
maxretry = 20
findtime = 30
[recidive] [recidive]
enabled = true enabled = true
maxretry = 10 maxretry = 10

7
conf/fail2ban/munin.conf Normal file
View File

@ -0,0 +1,7 @@
[INCLUDES]
before = common.conf
[Definition]
failregex=<HOST> - .*GET /admin/munin/.* HTTP/1.1\" 401.*
ignoreregex =

View File

@ -0,0 +1,7 @@
[INCLUDES]
before = common.conf
[Definition]
failregex=postfix/submission/smtpd.*warning.*\[<HOST>\]: .* authentication (failed|aborted)
ignoreregex =

View File

@ -289,4 +289,6 @@ cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf
cp conf/fail2ban/miab-management-daemon.conf /etc/fail2ban/filter.d/miab-management-daemon.conf cp conf/fail2ban/miab-management-daemon.conf /etc/fail2ban/filter.d/miab-management-daemon.conf
cp conf/fail2ban/roundcube.conf /etc/fail2ban/filter.d/roundcube.conf cp conf/fail2ban/roundcube.conf /etc/fail2ban/filter.d/roundcube.conf
cp conf/fail2ban/owncloud.conf /etc/fail2ban/filter.d/owncloud.conf cp conf/fail2ban/owncloud.conf /etc/fail2ban/filter.d/owncloud.conf
cp conf/fail2ban/munin.conf /etc/fail2ban/filter.d/munin.conf
cp conf/fail2ban/postfix-submission.conf /etc/fail2ban/filter.d/postfix-submission.conf
restart_service fail2ban restart_service fail2ban