Am Freitag, den 03.07.2015, 14:28 +0200 schrieb Steinar Bang:> > > fail2ban scans the logs of various services for attacks and firewalls > out the attacking IP addresses. > > There are no built-in rules for exim or dovecot in the debian > fail2ban > package, but there is something here that could possibly be > adapted...?Are you talking about wheezy or jessie? jessie has rules. But they need to be enabled like this: # cat /etc/fail2ban/jail.d/local.conf [exim] enabled = true [exim-spam] enabled = true [dovecot] enabled = true
>>>>> Felix Zielcke <fzielcke at z-51.de>:> Are you talking about wheezy or jessie?Well I looked on a jessie system, but the fail2ban was pulled in when it was wheezy (or maybe even easier).> jessie has rules. But they need to be enabled like this:> # cat /etc/fail2ban/jail.d/local.conf > [exim] > enabled = true> [exim-spam] > enabled = true> [dovecot] > enabled = trueOk, thanks!
Am Freitag, den 03.07.2015, 21:53 +0200 schrieb Steinar Bang:> > > > > > > > Felix Zielcke <fzielcke at z-51.de>: > > > Are you talking about wheezy or jessie? > > Well I looked on a jessie system, but the fail2ban was pulled in when > it > was wheezy (or maybe even easier). >They're in /etc/fail2ban/filter.d And yes I also needed a while to figure this system out. Escpecially that they need to be enabled in a jaild/*.conf file. Though this is a fresh Debian jessie install. And files in /etc are specially handled on upgrades, instead of all the other files in a Debian package.