Initial commit

0.9.6/jail.local

@@ -0,0 +1,62 @@
+[DEFAULT]
+
+#
+# ACTIONS
+#
+
+# Default banning action (e.g. iptables, iptables-new,
+# iptables-multiport, shorewall, etc) It is used to define
+# action_* variables. Can be overridden globally or per
+# section within jail.local file
+##banaction = iptables-multiport
+banaction = ip64tables-multiport
+
+## - Note:
+## - sendmail-only-ban must be configured. See action.d/sendmail-only-ban.local
+## -
+action_m = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+              %(mta)s-only-ban_unban[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
+
+## - Choose default action
+## -
+action = %(action_m)s
+#action = %(action_)s
+
+
+[sshd]
+
+enabled  = true
+port     = ssh
+filter   = sshd
+logpath  = /var/log/auth.log
+findtime = 600
+maxretry = 6
+bantime = 86400
+
+
+[postfix-sasl]
+
+enabled  = true
+port     = smtp,465,submission
+#port     = smtp,465,submission,143,imaps,pop3,pop3s
+filter   = postfix-sasl
+# You might consider monitoring /var/log/mail.warn instead if you are
+# running postfix since it would provide the same log lines at the
+# "warn" level but overall at the smaller filesize.
+logpath  = /var/log/mail.warn
+findtime = 60
+maxretry = 10
+bantime = 3600
+
+
+[dovecot-pop3imap]
+
+enabled = true
+filter = dovecot-pop3imap
+port = pop3,pop3s,143,imaps
+protocol = tcp
+#action = ip64tables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,143,imaps", protocol=tcp]
+logpath = /var/log/dovecot/dovecot.log
+maxretry = 20
+findtime = 1200
+bantime = 1200