On 29.03.2015 18:53, Patrick O'Callaghan wrote:
On Sat, 2015-03-28 at 23:22 -0400, Rahul Sundaram wrote:
> Hi
>
> On Sat, Mar 28, 2015 at 5:14 PM, Joe Zeff wrote:
>
>> If denyhosts needs rsyslogd, shouldn't it be a dependency?
>
>
> It doesn't need rsyslogd specifically. A virtual dependency on syslog with
> multiple providers including rsyslogd and syslog-ng might be a possible
> solution. However denyhosts itself is pretty outdated and everyone should
> switch over to fail2ban anyway.
I just did so, but I found fail2ban significantly harder to configure,
largely because there's no explicit documentation on what the default
configuration is on install. You have to read the config files and
figure it out from the man pages, which suffer from the same fault as
many such pages, i.e. they are written for people who already know how
it all works and just need a reminder. One example: the term 'jail' is
used without ever being defined, and in a way inconsistent with other
uses in Linux such as 'root jail'.
In the end I just had to add a simple jail.local file, but it took a
while to discover that.
Denyhosts was much easier IIRC.
poc
Once you're done, make the instructions in the form of a examples, put it in a patch
and send upstream. If upstream doesn't pull propose to downstream. If downstream
doesn't pull, make a note here on the list.