Mercurial > repos > other > Puppet
annotate common/fail2ban/ibb-sshd.conf @ 180:83885499c093 puppet-3.6
Strip some headers on outbound emails
Necessary because GMail app on Android using an account on our
server adds half of the MS Outlook headers, but not the others
and this causes SpamAssassin to flag as spam
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sun, 05 Aug 2018 10:40:51 +0100 |
| parents | 1af9fd04c285 |
| children |
| rev | line source |
|---|---|
|
171
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
1 # Fail2Ban configuration file |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
2 # Author: IBBoard |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
3 |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
4 [Definition] |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
5 |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
6 # Option: failregex |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
7 # Notes.: regex to match the password failures messages in the logfile. The |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
8 # host must be matched by a group named "host". The tag "<HOST>" can |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
9 # be used for standard IP/hostname matching and is only an alias for |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
10 # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
11 # Values: TEXT |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
12 # |
|
172
1af9fd04c285
Fix case of <HOST> tag so that rule pulls the IP
IBBoard <dev@ibboard.co.uk>
parents:
171
diff
changeset
|
13 failregex = Unable to negotiate with <HOST> port [0-9]+: no matching host key type found. Their offer: ssh-rsa,ssh-dss \[preauth\] |
|
171
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
14 |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
15 # Option: ignoreregex |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
16 # Notes.: regex to ignore. If this regex matches, the line is ignored. |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
17 # Values: TEXT |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
18 # |
|
103a3630e9b2
Tighten up some Fail2Ban rules (including SSH probes with only insecure keys)
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
19 ignoreregex = |