diff -up fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-auth.conf
--- fail2ban-0.9.6/config/filter.d/sendmail-auth.conf.sendmail	2017-01-06 19:00:12.228687290 -0700
+++ fail2ban-0.9.6/config/filter.d/sendmail-auth.conf	2017-01-06 19:01:33.991702030 -0700
@@ -7,12 +7,16 @@ before = common.conf
 
 [Definition]
 
-_daemon = (?:sm-(mta|acceptingconnections))
+_daemon = (?:sendmail|sm-(?:mta|acceptingconnections))
 
 failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
 
 ignoreregex =
 
+[Init]
+
+journalmatch = _SYSTEMD_UNIT=sendmail.service
+
 # DEV Notes:
 #
 # Author: Daniel Black
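Review bot: The `journalmatch = _SYSTEMD_UNIT=sendmail.service` line added under the new `[Init]` section has no comment and pins the filter to one unit name. It is only consulted when the jail uses the systemd backend, and if the MTA runs under a differently named unit the jail would presumably read no entries and never ban, with nothing in the filter to hint at why. I would add a comment above it such as `# Used only with backend = systemd; change the unit name if sendmail runs under a different unit`. The widened `_daemon` now also accepts a bare `sendmail` tag, which with a file backend is whatever the logging process supplied, so the comment could also say that the journald-set `_SYSTEMD_UNIT` field is what ties matches to the real service. The same `journalmatch` line is added to `sendmail-reject.conf` in the second hunk and would want the same comment.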
diff -up fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail fail2ban-0.9.6/config/filter.d/sendmail-reject.conf
--- fail2ban-0.9.6/config/filter.d/sendmail-reject.conf.sendmail	2017-01-06 19:00:12.229687303 -0700
+++ fail2ban-0.9.6/config/filter.d/sendmail-reject.conf	2017-01-06 19:00:12.229687303 -0700
@@ -33,6 +33,8 @@ ignoreregex =
 
 [Init]
 
+journalmatch = _SYSTEMD_UNIT=sendmail.service
+
 # "maxlines" is number of log lines to buffer for multi-line regex searches
 maxlines = 10