initial upload

This commit is contained in:
Oliver Ladner 2011-09-04 12:07:25 +02:00
commit fb5a722d36
3 changed files with 53 additions and 0 deletions

6
README Normal file
View file

@ -0,0 +1,6 @@
These filters will match various actions considered harmful or annoying like:
tumgreyspf: - clients with probing address [...]justsendingthisleter
- clients which aren't allowed by SPF records
lighttpd-auth: - digest auth tries with wrong password

23
lighttpd-auth.conf Normal file
View file

@ -0,0 +1,23 @@
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision: 728 $
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failure messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = digest: auth failed for .* : wrong password, IP: <HOST>
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

24
tumgreyspf.conf Normal file
View file

@ -0,0 +1,24 @@
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision: 728 $
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failure messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = domain owner discourages use of this host.*client-ip=<HOST>.*receiver=.*sendingthisleter@.*
SPF fail - not authorized': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =