Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 27th March 2011, 10:17
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
Question fail2ban log-changes after manual 6.2. and 6.3

Made once again fresh installation of Debian squeeze and ISPConfig3.

One thing I have noticed before, but now find out also time of change.

org log of fail2ban (I have set all to 3 maxtrials)
Code:
2011-03-27 07:24:43,861 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4-SVN
2011-03-27 07:24:43,862 fail2ban.jail   : INFO   Creating new jail 'ssh'
2011-03-27 07:24:43,862 fail2ban.jail   : INFO   Jail 'ssh' uses poller
2011-03-27 07:24:43,922 fail2ban.filter : INFO   Added logfile = /var/log/auth.log
2011-03-27 07:24:43,923 fail2ban.filter : INFO   Set maxRetry = 6
2011-03-27 07:24:43,924 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:24:43,925 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:24:43,994 fail2ban.jail   : INFO   Jail 'ssh' started
2011-03-27 07:28:24,470 fail2ban.jail   : INFO   Jail 'ssh' stopped
2011-03-27 07:28:24,470 fail2ban.server : INFO   Exiting Fail2ban
2011-03-27 07:28:24,877 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4-SVN
2011-03-27 07:28:24,878 fail2ban.jail   : INFO   Creating new jail 'courierimap'
2011-03-27 07:28:24,879 fail2ban.jail   : INFO   Jail 'courierimap' uses poller
2011-03-27 07:28:24,897 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-03-27 07:28:24,898 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:24,899 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:24,900 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:24,907 fail2ban.jail   : INFO   Creating new jail 'courierpop3'
2011-03-27 07:28:24,908 fail2ban.jail   : INFO   Jail 'courierpop3' uses poller
2011-03-27 07:28:24,909 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-03-27 07:28:24,910 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:24,911 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:24,912 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:24,919 fail2ban.jail   : INFO   Creating new jail 'courierpop3s'
2011-03-27 07:28:24,919 fail2ban.jail   : INFO   Jail 'courierpop3s' uses poller
2011-03-27 07:28:24,920 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-03-27 07:28:24,921 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:24,923 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:24,923 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:24,931 fail2ban.jail   : INFO   Creating new jail 'pureftpd'
2011-03-27 07:28:24,931 fail2ban.jail   : INFO   Jail 'pureftpd' uses poller
2011-03-27 07:28:24,932 fail2ban.filter : INFO   Added logfile = /var/log/syslog
2011-03-27 07:28:24,933 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:24,934 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:24,935 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:24,942 fail2ban.jail   : INFO   Creating new jail 'ssh'
2011-03-27 07:28:24,943 fail2ban.jail   : INFO   Jail 'ssh' uses poller
2011-03-27 07:28:24,944 fail2ban.filter : INFO   Added logfile = /var/log/auth.log
2011-03-27 07:28:24,945 fail2ban.filter : INFO   Set maxRetry = 6
2011-03-27 07:28:24,946 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:24,947 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:25,014 fail2ban.jail   : INFO   Creating new jail 'sasl'
2011-03-27 07:28:25,014 fail2ban.jail   : INFO   Jail 'sasl' uses poller
2011-03-27 07:28:25,015 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-03-27 07:28:25,016 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:25,018 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:25,019 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:25,027 fail2ban.jail   : INFO   Creating new jail 'courierimaps'
2011-03-27 07:28:25,027 fail2ban.jail   : INFO   Jail 'courierimaps' uses poller
2011-03-27 07:28:25,028 fail2ban.filter : INFO   Added logfile = /var/log/mail.log
2011-03-27 07:28:25,029 fail2ban.filter : INFO   Set maxRetry = 3
2011-03-27 07:28:25,030 fail2ban.filter : INFO   Set findtime = 600
2011-03-27 07:28:25,031 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 07:28:25,039 fail2ban.jail   : INFO   Jail 'courierimap' started
2011-03-27 07:28:25,044 fail2ban.jail   : INFO   Jail 'courierpop3' started
2011-03-27 07:28:25,050 fail2ban.jail   : INFO   Jail 'courierpop3s' started
2011-03-27 07:28:25,062 fail2ban.jail   : INFO   Jail 'pureftpd' started
2011-03-27 07:28:25,072 fail2ban.jail   : INFO   Jail 'ssh' started
2011-03-27 07:28:25,084 fail2ban.jail   : INFO   Jail 'sasl' started
2011-03-27 07:28:25,098 fail2ban.jail   : INFO   Jail 'courierimaps' started
2011-03-27 08:38:26,027 fail2ban.jail   : INFO   Jail 'courierpop3s' stopped
2011-03-27 08:38:27,023 fail2ban.jail   : INFO   Jail 'courierimap' stopped
2011-03-27 08:38:28,030 fail2ban.jail   : INFO   Jail 'ssh' stopped
2011-03-27 08:38:29,025 fail2ban.jail   : INFO   Jail 'courierimaps' stopped
2011-03-27 08:38:30,024 fail2ban.jail   : INFO   Jail 'pureftpd' stopped
2011-03-27 08:38:31,027 fail2ban.jail   : INFO   Jail 'sasl' stopped
2011-03-27 08:38:32,029 fail2ban.jail   : INFO   Jail 'courierpop3' stopped
2011-03-27 08:38:32,030 fail2ban.server : INFO   Exiting Fail2ban
After following manual to make system to use ssl in 8080
Quote:
6.2 Enabling SSL For The ISPConfig Web Interface
Quote:
6.3 Using SuExec For The ISPConfig Web Interface
(with extra ln-link)
all seems to be working, but now fail2ban generates errors (but e.g, keeps blocking as release statements comes to log)
Code:
...
2011-03-27 08:47:20,621 fail2ban.actions: INFO   Set banTime = 600
2011-03-27 08:47:20,652 fail2ban.jail   : INFO   Jail 'courierimap' started
2011-03-27 08:47:20,667 fail2ban.jail   : INFO   Jail 'courierpop3' started
2011-03-27 08:47:20,679 fail2ban.jail   : INFO   Jail 'courierpop3s' started
2011-03-27 08:47:20,687 fail2ban.jail   : INFO   Jail 'pureftpd' started
2011-03-27 08:47:20,703 fail2ban.jail   : INFO   Jail 'ssh' started
2011-03-27 08:47:20,715 fail2ban.jail   : INFO   Jail 'sasl' started
2011-03-27 08:47:20,733 fail2ban.jail   : INFO   Jail 'courierimaps' started
2011-03-27 08:47:20,935 fail2ban.actions.action: ERROR  iptables -N fail2ban-courierpop3s
iptables -A fail2ban-courierpop3s -j RETURN
iptables -I INPUT -p tcp -m multiport --dports pop3s -j fail2ban-courierpop3s returned 200
2011-03-27 08:47:20,936 fail2ban.actions.action: ERROR  iptables -N fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh returned 200
2011-03-27 08:47:20,937 fail2ban.actions.action: ERROR  iptables -N fail2ban-sasl
iptables -A fail2ban-sasl -j RETURN
iptables -I INPUT -p tcp -m multiport --dports smtp -j fail2ban-sasl returned 200
2011-03-27 08:47:20,938 fail2ban.actions.action: ERROR  iptables -N fail2ban-courierimap
iptables -A fail2ban-courierimap -j RETURN
iptables -I INPUT -p tcp -m multiport --dports imap2 -j fail2ban-courierimap returned 200
2011-03-27 08:47:20,939 fail2ban.actions.action: ERROR  iptables -N fail2ban-pureftpd
iptables -A fail2ban-pureftpd -j RETURN
iptables -I INPUT -p tcp -m multiport --dports ftp -j fail2ban-pureftpd returned 200
2011-03-27 08:47:20,940 fail2ban.actions.action: ERROR  iptables -N fail2ban-courierimaps
iptables -A fail2ban-courierimaps -j RETURN
iptables -I INPUT -p tcp -m multiport --dports imaps -j fail2ban-courierimaps returned 200
What should I change to get fail2ban log back to nice-looking non-error mode?
Reply With Quote
Sponsored Links
  #2  
Old 28th March 2011, 14:03
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

What's in /etc/fail2ban/jail.local? What's the output of
Code:
ls -la /etc/fail2ban/filter.d/
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 29th March 2011, 04:51
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
Default

Thanks for your support

Code:
xxxxx:~$ ls -la /etc/fail2ban/filter.d/
total 140
drwxr-xr-x 2 root root 4096 Mar 27 08:58 .
drwxr-xr-x 4 root root 4096 Mar 27 08:57 ..
-rw-r--r-- 1 root root  711 Feb  8  2009 apache-auth.conf
-rw-r--r-- 1 root root 2381 Jun 29  2010 apache-badbots.conf
-rw-r--r-- 1 root root  628 Oct 13  2008 apache-nohome.conf
-rw-r--r-- 1 root root  763 Feb  8  2009 apache-noscript.conf
-rw-r--r-- 1 root root  444 Mar  5  2008 apache-overflows.conf
-rw-r--r-- 1 root root 1039 Feb  8  2009 common.conf
-rw-r--r-- 1 root root  557 Mar 27 06:27 courierimap.conf
-rw-r--r-- 1 root root  561 Mar 27 06:28 courierimaps.conf
-rw-r--r-- 1 root root  616 Feb  8  2009 courierlogin.conf
-rw-r--r-- 1 root root  557 Mar 27 06:26 courierpop3.conf
-rw-r--r-- 1 root root  561 Mar 27 06:26 courierpop3s.conf
-rw-r--r-- 1 root root  591 Feb  8  2009 couriersmtp.conf
-rw-r--r-- 1 root root 1012 Feb  8  2009 cyrus-imap.conf
-rw-r--r-- 1 root root  613 Feb  8  2009 exim.conf
-rw-r--r-- 1 root root  447 May 21  2008 gssftpd.conf
-rw-r--r-- 1 root root  397 Aug 30  2009 lighttpd-fastcgi.conf
-rw-r--r-- 1 root root 1013 Feb  9  2009 named-refused.conf
-rw-r--r-- 1 root root  870 May 21  2008 pam-generic.conf
-rw-r--r-- 1 root root  867 Aug 30  2009 php-url-fopen.conf
-rw-r--r-- 1 root root  591 Feb  8  2009 postfix.conf
-rw-r--r-- 1 root root  866 Jun 29  2010 proftpd.conf
-rw-r--r-- 1 root root  806 Jun 29  2010 pure-ftpd.conf
-rw-r--r-- 1 root root  111 Mar 27 06:25 pureftpd.conf
-rw-r--r-- 1 root root  606 Feb  8  2009 qmail.conf
-rw-r--r-- 1 root root   72 Mar 27 08:58 roundcube.conf
-rw-r--r-- 1 root root  679 Feb  8  2009 sasl.conf
-rw-r--r-- 1 root root  581 Feb  3  2009 sieve.conf
-rw-r--r-- 1 root root 1649 Jun 29  2010 sshd.conf
-rw-r--r-- 1 root root  627 Feb  8  2009 sshd-ddos.conf
-rw-r--r-- 1 root root  700 Feb  8  2009 vsftpd.conf
-rw-r--r-- 1 root root  827 Feb  8  2009 webmin-auth.conf
-rw-r--r-- 1 root root  437 May 21  2008 wuftpd.conf
-rw-r--r-- 1 root root  848 Feb  8  2009 xinetd-fail.conf
xxxx :~$
Reply With Quote
  #4  
Old 29th March 2011, 11:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

What's in /etc/fail2ban/jail.local?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 31st March 2011, 18:52
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
Default

Sorry for delay - see enclosed (should be as per perfect server and then ssl-roundcube instructions, but only 3 trials)

Code:
[pureftpd]

enabled  = true
port     = ftp
filter   = pureftpd
logpath  = /var/log/syslog
maxretry = 3


[sasl]

enabled  = true
port     = smtp
filter   = sasl
logpath  = /var/log/mail.log
maxretry = 3


[courierpop3]

enabled  = true
port     = pop3
filter   = courierpop3
logpath  = /var/log/mail.log
maxretry = 3


[courierpop3s]

enabled  = true
port     = pop3s
filter   = courierpop3s
logpath  = /var/log/mail.log
maxretry = 3


[courierimap]

enabled  = true
port     = imap2
filter   = courierimap
logpath  = /var/log/mail.log
maxretry = 3


[courierimaps]

enabled  = true
port     = imaps
filter   = courierimaps
logpath  = /var/log/mail.log
maxretry = 3


[roundcube]
enabled  = true
port     = http,8080
filter   = roundcube
logpath  = /var/log/roundcube/userlogins
maxretry = 3
[webmin-auth]
enabled = true
port    = 10000
filter  = webmin-auth
logpath  = /var/log/auth.log
maxretry = 3
Thanks for support....
Reply With Quote
  #6  
Old 1st April 2011, 10:59
8omas 8omas is offline
Senior Member
 
Join Date: Jan 2011
Posts: 148
Thanks: 16
Thanked 35 Times in 26 Posts
Default

What's the output of:
Code:
iptables -L -n
Reply With Quote
  #7  
Old 3rd April 2011, 16:58
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
Default

This is how it looks:

Code:
# iptables -L -n

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
fail2ban-sasl  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 25 
fail2ban-courierimaps  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 993 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-courierimaps (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-sasl (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           
root@server1:/home/asyamain#
what next?
Reply With Quote
  #8  
Old 3rd April 2011, 20:28
8omas 8omas is offline
Senior Member
 
Join Date: Jan 2011
Posts: 148
Thanks: 16
Thanked 35 Times in 26 Posts
Default

I think that not all of jails start.
Maybe this will help:
http://www.howtoforge.com/extending-...ispconfig-3-p2
(make the change in /usr/bin/fail2ban-client)

or this one
http://www.howtoforge.com/forums/showthread.php?t=51599
Reply With Quote
  #9  
Old 8th April 2011, 11:17
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
Default

Thanks for your help,

Now after changes looks like

Code:
# iptables -L -n 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
fail2ban-sasl  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 25 
fail2ban-roundcube  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,8080 
fail2ban-courierimap  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 143 
fail2ban-ssh  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 22 
fail2ban-pureftpd  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 21 
fail2ban-webmin-auth  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 10000 
fail2ban-courierpop3s  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 995 
fail2ban-courierimaps  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 993 
fail2ban-courierpop3  tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 110 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-courierimap (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-courierimaps (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-courierpop3 (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-courierpop3s (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-pureftpd (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-roundcube (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-sasl (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-webmin-auth (1 references)
target     prot opt source               destination         
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
Does it look OK now?
Reply With Quote
  #10  
Old 8th April 2011, 11:24
eko_taas eko_taas is offline
Member
 
Join Date: Feb 2011
Posts: 92
Thanks: 2
Thanked 12 Times in 10 Posts
 
Default

ISPConfig3 monitor (Fail2Ban Log) looks better now (at least for newbee)

Code:
2011-04-08 09:13:57,025 fail2ban.server : INFO Exiting Fail2ban
2011-04-08 09:13:57,801 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4-SVN
2011-04-08 09:13:57,853 fail2ban.jail : INFO Creating new jail 'courierpop3'
2011-04-08 09:13:57,853 fail2ban.jail : INFO Jail 'courierpop3' uses poller
2011-04-08 09:13:57,921 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2011-04-08 09:13:57,973 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:13:58,074 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:13:58,125 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:13:58,682 fail2ban.jail : INFO Creating new jail 'courierimaps'
2011-04-08 09:13:58,683 fail2ban.jail : INFO Jail 'courierimaps' uses poller
2011-04-08 09:13:58,734 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2011-04-08 09:13:58,785 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:13:58,886 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:13:58,937 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:13:59,495 fail2ban.jail : INFO Creating new jail 'courierpop3s'
2011-04-08 09:13:59,507 fail2ban.jail : INFO Jail 'courierpop3s' uses poller
2011-04-08 09:13:59,558 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2011-04-08 09:13:59,609 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:13:59,710 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:13:59,761 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:00,320 fail2ban.jail : INFO Creating new jail 'webmin-auth'
2011-04-08 09:14:00,320 fail2ban.jail : INFO Jail 'webmin-auth' uses poller
2011-04-08 09:14:00,372 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2011-04-08 09:14:00,423 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:14:00,524 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:00,575 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:01,185 fail2ban.jail : INFO Creating new jail 'pureftpd'
2011-04-08 09:14:01,185 fail2ban.jail : INFO Jail 'pureftpd' uses poller
2011-04-08 09:14:01,236 fail2ban.filter : INFO Added logfile = /var/log/syslog
2011-04-08 09:14:01,287 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:14:01,389 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:01,440 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:01,998 fail2ban.jail : INFO Creating new jail 'ssh'
2011-04-08 09:14:01,998 fail2ban.jail : INFO Jail 'ssh' uses poller
2011-04-08 09:14:02,050 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2011-04-08 09:14:02,101 fail2ban.filter : INFO Set maxRetry = 6
2011-04-08 09:14:02,202 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:02,253 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:03,321 fail2ban.jail : INFO Creating new jail 'courierimap'
2011-04-08 09:14:03,321 fail2ban.jail : INFO Jail 'courierimap' uses poller
2011-04-08 09:14:03,373 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2011-04-08 09:14:03,424 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:14:03,525 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:03,576 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:04,134 fail2ban.jail : INFO Creating new jail 'roundcube'
2011-04-08 09:14:04,135 fail2ban.jail : INFO Jail 'roundcube' uses poller
2011-04-08 09:14:04,186 fail2ban.filter : INFO Added logfile = /var/log/roundcube/userlogins
2011-04-08 09:14:04,237 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:14:04,338 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:04,389 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:04,440 fail2ban.filter : ERROR No 'host' group in 'FAILED login for .*. from '
2011-04-08 09:14:04,947 fail2ban.jail : INFO Creating new jail 'sasl'
2011-04-08 09:14:04,947 fail2ban.jail : INFO Jail 'sasl' uses poller
2011-04-08 09:14:04,999 fail2ban.filter : INFO Added logfile = /var/log/mail.log
2011-04-08 09:14:05,050 fail2ban.filter : INFO Set maxRetry = 3
2011-04-08 09:14:05,151 fail2ban.filter : INFO Set findtime = 600
2011-04-08 09:14:05,202 fail2ban.actions: INFO Set banTime = 600
2011-04-08 09:14:05,761 fail2ban.jail : INFO Jail 'courierpop3' started
2011-04-08 09:14:05,813 fail2ban.jail : INFO Jail 'courierimaps' started
2011-04-08 09:14:05,865 fail2ban.jail : INFO Jail 'courierpop3s' started
2011-04-08 09:14:05,917 fail2ban.jail : INFO Jail 'webmin-auth' started
2011-04-08 09:14:05,969 fail2ban.jail : INFO Jail 'pureftpd' started
2011-04-08 09:14:06,021 fail2ban.jail : INFO Jail 'ssh' started
2011-04-08 09:14:06,073 fail2ban.jail : INFO Jail 'courierimap' started
2011-04-08 09:14:06,125 fail2ban.jail : INFO Jail 'roundcube' started
2011-04-08 09:14:06,177 fail2ban.jail : INFO Jail 'sasl' started
I'll assume now OK - big thanks
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Version 1.3 of the ISPConfig 3 Manual is finally available! falko General 44 2nd December 2011 12:04


All times are GMT +2. The time now is 05:11.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.