From: Klaus L. <leh...@t-...> - 2009-01-06 09:26:56
|
On Sun, 4 Jan 2009 21:45:32 +0100, Iain Lea wrote: hi Iain my advice 1. use snapshot: (it's the newest) http://www.fail2ban.org/nightly/fail2ban-FAIL2BAN-0_8.tar.bz2 2. it's eays to install, by Yourself ;-) to do only this: python setup.py install why: I don't want to use precompiled packages. yours klaus <cit>I have spent the last day trying to get fail2ban 0.8.3 working on: <cit> <cit>- Fedora 10 64 bit running on a dual opteron server + 8GB RAM <cit>- Linux fw1-lan010 2.6.27.5-117.fc10.x86_64 #1 SMP Tue Nov 18 11:58:53 EST 2008 x86_64 x86_64 x86_64 GNU/Linux <cit>- python-2.5.2-1.fc10.x86_64 <cit>- fail2ban-0.8.3-16.fc10.noarch <cit> <cit>System is configured to send *.* to /var/log/messages (everything in 1 <cit>logfile) which is then used in fail2ban config files. <cit> <cit>/etc/rsyslog.conf: <cit> <cit># provides --MARK-- message capability <cit>$ModLoad immark <cit># provides UDP syslog reception <cit>$ModLoad imudp <cit># provides TCP syslog reception <cit>$ModLoad imtcp <cit># provides support for local system logging (e.g. via logger command) <cit>$ModLoad imuxsock <cit># provides kernel logging support (previously done by rklogd) <cit>$ModLoad imklog <cit># provides GSSAPI syslog reception <cit>#$ModLoad imgssapi <cit> <cit># this MUST be before the $UDPServerRun directive! <cit>$UDPServerAddress 192.168.10.5 <cit>$UDPServerRun 514 <cit> <cit>*.* /var/log/messages <cit> <cit>Output format with iso date in /var/log/messages is: <cit> <cit>2009-01-04T11:55:19.271930+01:00 fw1-lan010 sshd[9934]: \ <cit> Failed password for invalid user unitedcolo from \ <cit> 195.70.36.149 port 44542 ssh2 <cit> <cit>Same config but with old style date in syslog worked fine on <cit>Fedora 6 and 8 systems. <cit> <cit>I have attached various debug info as it just does not work. <cit> <cit>Has anyone any tips to try and fix this as I am out of them? <cit> <cit>Thanx <cit> <cit>Iain <cit> |