On Thu, Mar 20, 2014 at 10:36:38PM -0600, Orion Poplawski wrote:
> > because the journal isn't optional in Fedora. And I think I'd combine
> > mail and sendmail (because the /usr/sbin/sendmail command can be
> > provided by a lot of alternatives, including the very lightweight
> > ssmtp).
> Yeah, I
On 03/20/2014 01:12 PM, Matthew Miller wrote:
> On Thu, Mar 20, 2014 at 12:17:46PM -0400, Przemek Klosowski wrote:
> fail2ban-server - core components with minimal deps
> fail2ban-firewalld - firewalld support/configuration - requires firewalld
> fail2ban-hostsdeny - tcp_wrappers hosts.
On Thu, Mar 20, 2014 at 8:54 AM, Jonathan Underwood <
jonathan.underw...@gmail.com> wrote:
> On 20 March 2014 13:04, Richard Shaw wrote:
> > On Wed, Mar 19, 2014 at 10:57 PM, Orion Poplawski
> > wrote:
> >>
> >> On 03/19/2014 09:10 PM, Richard Shaw wrote:
> >> > Ok using Jonathan's suggestion fo
On Thu, Mar 20, 2014 at 12:17:46PM -0400, Przemek Klosowski wrote:
> >>>fail2ban-server - core components with minimal deps
> >>>fail2ban-firewalld - firewalld support/configuration - requires firewalld
> >>>fail2ban-hostsdeny - tcp_wrappers hosts.deny support - requires
> >>>tcp_wrappers
> >>>fai
On 20 March 2014 16:17, Przemek Klosowski wrote:
> I am concerned that this looks like configuring the fail2ban package by
> installing more packages. If we started doing it everywhere multiple
> packages interact, it would combinatorially explode the number of packages
> and make the system hard
On 03/20/2014 12:24 AM, Orion Poplawski wrote:
On 03/19/2014 02:56 PM, Matthew Miller wrote:
On Wed, Mar 19, 2014 at 02:32:40PM -0600, Orion Poplawski wrote:
Hmm, I like this alternative a lot. I'm probably taking this too
far, but I'm thinking of:
fail2ban-server - core components with minim
On 20 March 2014 13:04, Richard Shaw wrote:
> On Wed, Mar 19, 2014 at 10:57 PM, Orion Poplawski
> wrote:
>>
>> On 03/19/2014 09:10 PM, Richard Shaw wrote:
>> > Ok using Jonathan's suggestion for the settings from a clean install I'm
>> > getting an error whether I use the systemd backend or not..
On Wed, Mar 19, 2014 at 10:57 PM, Orion Poplawski wrote:
> On 03/19/2014 09:10 PM, Richard Shaw wrote:
> > Ok using Jonathan's suggestion for the settings from a clean install I'm
> > getting an error whether I use the systemd backend or not...
> >
> >[12698]: ERROR ipset
> > create fail2ban-ssh
On 03/19/2014 02:56 PM, Matthew Miller wrote:
> On Wed, Mar 19, 2014 at 02:32:40PM -0600, Orion Poplawski wrote:
>> Hmm, I like this alternative a lot. I'm probably taking this too
>> far, but I'm thinking of:
>>
>> fail2ban-server - core components with minimal deps
>>
>> fail2ban-firewalld - fir
On 03/19/2014 09:10 PM, Richard Shaw wrote:
> Ok using Jonathan's suggestion for the settings from a clean install I'm
> getting an error whether I use the systemd backend or not...
>
>[12698]: ERROR ipset
> create fail2ban-sshd hash:ip timeout 600
> firewall-cmd --direct --add-rule ipv4 filter
Ok using Jonathan's suggestion for the settings from a clean install I'm
getting an error whether I use the systemd backend or not...
2014-03-19 22:06:57,956 fail2ban.server.server[12698]: INFOChanged
logging target to /var/log/fail2ban.log for Fail2ban v0.9.0
2014-03-19 22:06:57,961 fail2ban.
On Wed, Mar 19, 2014 at 02:32:40PM -0600, Orion Poplawski wrote:
> Hmm, I like this alternative a lot. I'm probably taking this too
> far, but I'm thinking of:
>
> fail2ban-server - core components with minimal deps
>
> fail2ban-firewalld - firewalld support/configuration - requires firewalld
>
On 03/19/2014 05:38 AM, Matthew Miller wrote:
On Tue, Mar 18, 2014 at 11:09:31PM -0600, Orion Poplawski wrote:
- Stick it in a fail2ban-firewalld sub-package that requires firewalld.
Downside is that people need to figure out that they really should
install this for default installs. Upside
On 19 March 2014 15:10, Orion Poplawski wrote:
> See https://bugzilla.redhat.com/show_bug.cgi?id=1046816
> You are going to need fail2ban-0.9-2 - f20 build is here
> http://koji.fedoraproject.org/koji/taskinfo?taskID=6651548. More testing
> would be much appreciated.
On a default F20 install w
On 19 March 2014 19:16, Reindl Harald wrote:
> Am 19.03.2014 20:14, schrieb Jonathan Underwood:
>> On 19 March 2014 15:10, Orion Poplawski wrote:
>>> See https://bugzilla.redhat.com/show_bug.cgi?id=1046816
>>> You are going to need fail2ban-0.9-2 - f20 build is here
>>> http://koji.fedoraproject
On 19 March 2014 19:23, Reindl Harald wrote:
> Am 19.03.2014 20:21, schrieb Jonathan Underwood:
>> On 19 March 2014 19:16, Reindl Harald wrote:
>>> but with not take care of it you would end in having firewalld as mandatory
>>> dependency which is the main point of that thread - there are still w
Am 19.03.2014 20:21, schrieb Jonathan Underwood:
> On 19 March 2014 19:16, Reindl Harald wrote:
>> but with not take care of it you would end in having firewalld as mandatory
>> dependency which is the main point of that thread - there are still way
>> too much circular dependencies making it hard
Am 19.03.2014 20:14, schrieb Jonathan Underwood:
> On 19 March 2014 15:10, Orion Poplawski wrote:
>> See https://bugzilla.redhat.com/show_bug.cgi?id=1046816
>> You are going to need fail2ban-0.9-2 - f20 build is here
>> http://koji.fedoraproject.org/koji/taskinfo?taskID=6651548. More testing
>>
On 03/19/2014 07:42 AM, Richard Shaw wrote:
On Wed, Mar 19, 2014 at 12:09 AM, Orion Poplawski mailto:or...@cora.nwra.com>> wrote:
fail2ban doesn't work out of the box with firewalld. However, we can
drop a config file at /etc/fail2ban/jail.d/fedora-firewalld.conf to
enable it.
Whe
On Wed, Mar 19, 2014 at 12:09 AM, Orion Poplawski wrote:
> fail2ban doesn't work out of the box with firewalld. However, we can
> drop a config file at /etc/fail2ban/jail.d/fedora-firewalld.conf to
> enable it.
Where is this configuration file available? I'd love to have a copy until
this get's
On Tue, Mar 18, 2014 at 11:09:31PM -0600, Orion Poplawski wrote:
> - Do we do this by default, because firewalld is the default firewall in
> Fedora? I would not want to require firewalld though because fail2ban
> can work perfectly fine without it, so it would be broken by default on
> systems wi
fail2ban doesn't work out of the box with firewalld. However, we can
drop a config file at /etc/fail2ban/jail.d/fedora-firewalld.conf to
enable it. I'm wondering:
- Do we do this by default, because firewalld is the default firewall in
Fedora? I would not want to require firewalld though becaus
22 matches
Mail list logo
