/[smecontribs]/rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11586-serverfailstostart.patch
ViewVC logotype

Contents of /rpms/smeserver-fail2ban/contribs10/smeserver-fail2ban-0.1.18-bz11586-serverfailstostart.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed May 26 08:09:44 2021 UTC (3 years, 5 months ago) by terryfage
Branch: MAIN
CVS Tags: smeserver-fail2ban-0_1_18-27_el7_sme, smeserver-fail2ban-0_1_18-31_el7_sme, smeserver-fail2ban-0_1_18-24_el7_sme, smeserver-fail2ban-0_1_18-30_el7_sme, smeserver-fail2ban-0_1_18-17_el7_sme, smeserver-fail2ban-0_1_18-25_el7_sme, smeserver-fail2ban-0_1_18-22_el7_sme, smeserver-fail2ban-0_1_18-16_el7_sme, smeserver-fail2ban-0_1_18-13_el7_sme, smeserver-fail2ban-0_1_18-32_el7_sme, smeserver-fail2ban-0_1_18-20_el7_sme, smeserver-fail2ban-0_1_18-12_el7_sme, smeserver-fail2ban-0_1_18-19_el7_sme, smeserver-fail2ban-0_1_18-14_el7_sme, smeserver-fail2ban-0_1_18-28_el7_sme, smeserver-fail2ban-0_1_18-15_el7_sme, smeserver-fail2ban-0_1_18-29_el7_sme, smeserver-fail2ban-0_1_18-21_el7_sme, smeserver-fail2ban-0_1_18-23_el7_sme, smeserver-fail2ban-0_1_18-26_el7_sme, HEAD
* Tue May 25 2021 Terry Fage <tfage@yahoo.com.au> 0.1.18-12.sme
- Server Fails to Start SME10 [SME: 11586]

1 diff -urN smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh
2 --- smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh 2021-05-24 23:08:25.925992313 -0400
3 +++ smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh 2021-05-24 23:21:04.000000000 -0400
4 @@ -9,7 +9,7 @@
5 [ssh]
6 enabled = true
7 filter = sshd
8 -logpath = /var/log/sshd/current
9 +logpath = /var/log/sshd/sshd.log
10 action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime]
11 EOF
12
13 @@ -21,7 +21,7 @@
14 [ssh-ddos]
15 enabled = true
16 filter = sshd-ddos
17 -logpath = /var/log/sshd/current
18 +logpath = /var/log/sshd/sshd.log
19 action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime]
20 EOF
21
22 diff -urN smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot
23 --- smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot 2021-05-24 23:08:25.925992313 -0400
24 +++ smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot 2021-05-24 23:23:10.000000000 -0400
25 @@ -15,7 +15,7 @@
26 [imap]
27 enabled = true
28 filter = dovecot
29 -logpath = /var/log/dovecot/current
30 +logpath = /var/log/dovecot/dovecot.log
31 action = smeserver-iptables[port="$port",protocol=tcp,bantime=$bantime]
32 EOF
33
34 diff -urN smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd
35 --- smeserver-fail2ban-0.1.18.old/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd 2021-05-24 23:08:25.925992313 -0400
36 +++ smeserver-fail2ban-0.1.18/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd 2021-05-24 23:27:39.000000000 -0400
37 @@ -1,12 +1,12 @@
38 {
39
40 -my $status = $smtpd{'status'} || 'disabled';
41 +my $status = $sqpsmtpd{'status'} || 'disabled';
42 my $f2b = $qpsmtpd{'Fail2Ban'} || 'enabled';
43 return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
44 my @ports = ();
45 -push @ports, ($smtpd{'TCPPort'} || '25');
46 -push @ports, ($ssmtpd{'TCPPort'} || '465')
47 - if (($ssmtpd{'status'} || 'disabled') eq 'enabled');
48 +push @ports, ($qpsmtpd{'TCPPort'} || '25');
49 +push @ports, ($sqpsmtpd{'TCPPort'} || '465')
50 + if (($sqpsmtpd{'status'} || 'disabled') eq 'enabled');
51 my $port = join (",", @ports);
52
53 my $max = $maxretry*3;
54 diff -urN smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/sshd-ddos.conf smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/sshd-ddos.conf
55 --- smeserver-fail2ban-0.1.18.old/root/etc/fail2ban/filter.d/sshd-ddos.conf 1969-12-31 19:00:00.000000000 -0500
56 +++ smeserver-fail2ban-0.1.18/root/etc/fail2ban/filter.d/sshd-ddos.conf 2021-05-24 23:14:31.000000000 -0400
57 @@ -0,0 +1,28 @@
58 +# Fail2Ban ssh filter for at attempted exploit
59 +#
60 +# The regex here also relates to a exploit:
61 +#
62 +# http://www.securityfocus.com/bid/17958/exploit
63 +# The example code here shows the pushing of the exploit straight after
64 +# reading the server version. This is where the client version string normally
65 +# pushed. As such the server will read this unparsible information as
66 +# "Did not receive identification string".
67 +# Author: Yaroslav Halchenko
68 +
69 +[INCLUDES]
70 +
71 +# Read common prefixes. If any customizations available -- read them from
72 +# common.local
73 +before = common.conf
74 +
75 +[Definition]
76 +
77 +_daemon = sshd
78 +
79 +failregex = ^%(__prefix_line)sDid not receive identification string from <HOST>\s*$
80 +
81 +ignoreregex =.
82 +
83 +[Init]
84 +
85 +journalmatch = _SYSTEMD_UNIT=sshd.service + _COMM=sshd

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed