orion pushed to fail2ban (el6). "Remove unused logfiles patch"
notifications at fedoraproject.org
notifications at fedoraproject.org
Wed Apr 1 01:59:55 UTC 2015
>From fcc7ebc3a318ce5e8c66f46f75ecb0d5b2c29809 Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion at cora.nwra.com>
Date: Tue, 31 Mar 2015 19:59:49 -0600
Subject: Remove unused logfiles patch
diff --git a/fail2ban-logfiles.patch b/fail2ban-logfiles.patch
deleted file mode 100644
index c2cf359..0000000
--- a/fail2ban-logfiles.patch
+++ /dev/null
@@ -1,212 +0,0 @@
-diff -up fail2ban-0.9-d529151/config/jail.conf.logfiles fail2ban-0.9-d529151/config/jail.conf
---- fail2ban-0.9-d529151/config/jail.conf.logfiles 2013-07-28 03:43:54.000000000 -0600
-+++ fail2ban-0.9-d529151/config/jail.conf 2013-08-08 21:23:41.785950007 -0600
-@@ -152,20 +152,18 @@ action = %(action_)s
- [sshd]
-
- port = ssh
--logpath = /var/log/auth.log
-- /var/log/sshd.log
-+logpath = /var/log/secure
-
- [sshd-ddos]
-
- port = ssh
--logpath = /var/log/auth.log
-- /var/log/sshd.log
-+logpath = /var/log/secure
-
- [dropbear]
-
- port = ssh
- filter = sshd
--logpath = /var/log/dropbear
-+logpath = /var/log/secure
-
-
- # Generic filter for PAM. Has to be used with action which bans all
-@@ -175,12 +173,12 @@ logpath = /var/log/dropbear
-
- # pam-generic filter can be customized to monitor specific subset of 'tty's
- banaction = iptables-allports
--logpath = /var/log/auth.log
-+logpath = /var/log/secure
-
- [xinetd-fail]
-
- banaction = iptables-multiport-log
--logpath = /var/log/daemon.log
-+logpath = /var/log/messages
- maxretry = 2
-
- # .. custom jails
-@@ -201,7 +199,7 @@ filter = sshd
- action = hostsdeny[daemon_list=sshd]
- sendmail-whois[name=SSH, dest=you at example.com]
- ignoreregex = for myuser from
--logpath = /var/log/sshd.log
-+logpath = /var/log/secure
-
- # Here we use blackhole routes for not requiring any additional kernel support
- # to store large volumes of banned IPs
-@@ -210,7 +208,7 @@ logpath = /var/log/sshd.log
-
- filter = sshd
- action = route
--logpath = /var/log/sshd.log
-+logpath = /var/log/secure
-
- # Here we use a combination of Netfilter/Iptables and IPsets
- # for storing large volumes of banned IPs
-@@ -221,13 +219,13 @@ logpath = /var/log/sshd.log
-
- filter = sshd
- action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
--logpath = /var/log/sshd.log
-+logpath = /var/log/secure
-
- [sshd-iptables-ipset6]
-
- filter = sshd
- action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
--logpath = /var/log/sshd.log
-+logpath = /var/log/secure
-
- # This jail uses ipfw, the standard firewall on FreeBSD. The "ignoreip"
- # option is overridden in this jail. Moreover, the action "mail-whois" defines
-@@ -238,7 +236,7 @@ logpath = /var/log/sshd.log
- filter = sshd
- action = ipfw[localhost=192.168.0.1]
- sendmail-whois[name="SSH,IPFW", dest=you at example.com]
--logpath = /var/log/auth.log
-+logpath = /var/log/secure
- ignoreip = 168.192.0.1
-
- # bsd-ipfw is ipfw used by BSD. It uses ipfw tables.
-@@ -250,7 +248,7 @@ ignoreip = 168.192.0.1
- [ssh-bsd-ipfw]
- filter = sshd
- action = bsd-ipfw[port=ssh,table=1]
--logpath = /var/log/auth.log
-+logpath = /var/log/secure
-
- #
- # HTTP servers
-@@ -259,7 +257,7 @@ logpath = /var/log/auth.log
- [apache-auth]
-
- port = http,https
--logpath = /var/log/apache*/*error.log
-+logpath = /var/log/httpd/*error_log
-
- # Ban hosts which agent identifies spammer robots crawling the web
- # for email addresses. The mail outputs are buffered.
-@@ -267,21 +265,20 @@ logpath = /var/log/apache*/*error.log
- [apache-badbots]
-
- port = http,https
--logpath = /var/log/apache*/*access.log
-- /var/www/*/logs/access_log
-+logpath = /var/log/httpd/*access_log
- bantime = 172800
- maxretry = 1
-
- [apache-noscript]
-
- port = http,https
--logpath = /var/log/apache*/*error.log
-+logpath = /var/log/httpd/*error_log
- maxretry = 6
-
- [apache-overflows]
-
- port = http,https
--logpath = /var/log/apache*/*error.log
-+logpath = /var/log/httpd/*error_log
- maxretry = 2
-
- # Ban attackers that try to use PHP's URL-fopen() functionality
-@@ -291,7 +288,7 @@ maxretry = 2
- [php-url-fopen]
-
- port = http,https
--logpath = /var/www/*/logs/access_log
-+logpath = /var/log/httpd/*access_log
-
- # A simple PHP-fastcgi jail which works with lighttpd.
- # If you run a lighttpd server, then you probably will
-@@ -330,7 +327,7 @@ logpath = /var/log/sogo/sogo.log
-
- filter = apache-auth
- action = hostsdeny
--logpath = /var/log/apache*/*error.log
-+logpath = /var/log/httpd/*error_log
- maxretry = 6
-
-
-@@ -347,7 +344,7 @@ logpath = /var/log/proftpd/proftpd.log
- [pure-ftpd]
-
- port = ftp,ftp-data,ftps,ftps-data
--logpath = /var/log/auth.log
-+logpath = /var/log/secure
- maxretry = 6
-
- [vsftpd]
-@@ -355,7 +352,7 @@ maxretry = 6
- port = ftp,ftp-data,ftps,ftps-data
- logpath = /var/log/vsftpd.log
- # or overwrite it in jails.local to be
--# logpath = /var/log/auth.log
-+# logpath = /var/log/secure
- # if you want to rely on PAM failed login attempts
- # vsftpd's failregex should match both of those formats
-
-@@ -384,12 +381,12 @@ maxretry = 6
- [courier-smtp]
-
- port = smtp,ssmtp,submission
--logpath = /var/log/mail.log
-+logpath = /var/log/maillog
-
- [postfix]
-
- port = smtp,ssmtp,submission
--logpath = /var/log/mail.log
-+logpath = /var/log/maillog
-
- # The hosts.deny path can be defined with the "file" argument if it is
- # not in /etc.
-@@ -410,7 +407,7 @@ bantime = 300
- [courier-auth]
-
- port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
--logpath = /var/log/mail.log
-+logpath = /var/log/maillog
-
-
- [sasl]
-@@ -419,12 +416,12 @@ port = smtp,ssmtp,submission,imap2,i
- # You might consider monitoring /var/log/mail.warn instead if you are
- # running postfix since it would provide the same log lines at the
- # "warn" level but overall at the smaller filesize.
--logpath = /var/log/mail.log
-+logpath = /var/log/maillog
-
- [dovecot]
-
- port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
--logpath = /var/log/mail.log
-+logpath = /var/log/maillog
-
- #
- # DNS servers
-@@ -519,7 +516,7 @@ maxretry = 5
- enabled=false
- filter = sshd
- action = pf
--logpath = /var/log/sshd.log
-+logpath = /var/log/secure
- maxretry=5
-
- [3proxy]
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/fail2ban.git/commit/?h=el6&id=fcc7ebc3a318ce5e8c66f46f75ecb0d5b2c29809
More information about the scm-commits
mailing list