main/fail2ban: add default SSH jail. Fixes #966

author: Leonardo Arena <rnalrd@alpinelinux.org> 2015-12-09 10:38:12 +0000
committer: Leonardo Arena <rnalrd@alpinelinux.org> 2015-12-09 10:38:29 +0000
commit: d0457a4cbde06be9e6fdf2203fd53b1b05225b98 (patch)
tree: bfdeb5914ab75a2bc107d355508e38d7213bebe5 /main/fail2ban/alpine-sshd.filterd
parent: b404e7bae39604847b17bf10a501146fe5d56d7c (diff)
download: aports-d0457a4cbde06be9e6fdf2203fd53b1b05225b98.tar.bz2
aports-d0457a4cbde06be9e6fdf2203fd53b1b05225b98.tar.xz
1 files changed, 27 insertions, 0 deletions
diff --git a/main/fail2ban/alpine-sshd.filterd b/main/fail2ban/alpine-sshd.filterd
new file mode 100644
index 0000000000..87718a963e
--- /dev/null
+++ b/main/fail2ban/alpine-sshd.filterd
@@ -0,0 +1,27 @@
+# Fail2Ban filter for openssh for Alpine
+#
+# If you want to protect OpenSSH from being bruteforced by password
+# authentication then get public key authentication working before disabling
+# PasswordAuthentication in sshd_config.
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = sshd
+
+failregex = Failed [-/\w]+ for .* from <HOST> port \d* ssh2
+
+ignoreregex = 
+
+[Init]
+
+# "maxlines" is number of log lines to buffer for multi-line regex searches
+maxlines = 10
+
+
author	Leonardo Arena <rnalrd@alpinelinux.org>	2015-12-09 10:38:12 +0000
committer	Leonardo Arena <rnalrd@alpinelinux.org>	2015-12-09 10:38:29 +0000
commit	d0457a4cbde06be9e6fdf2203fd53b1b05225b98 (patch)
tree	bfdeb5914ab75a2bc107d355508e38d7213bebe5 /main/fail2ban/alpine-sshd.filterd
parent	b404e7bae39604847b17bf10a501146fe5d56d7c (diff)
download	aports-d0457a4cbde06be9e6fdf2203fd53b1b05225b98.tar.bz2 aports-d0457a4cbde06be9e6fdf2203fd53b1b05225b98.tar.xz