File fail2ban-opensuse-locations.patch of Package fail2ban.openSUSE_13.1_Update
diff -ur fail2ban-0.8.14.orig/config/jail.conf fail2ban-0.8.14/config/jail.conf
--- fail2ban-0.8.14.orig/config/jail.conf 2014-08-19 22:23:33.000000000 +0200
+++ fail2ban-0.8.14/config/jail.conf 2014-08-20 17:39:21.428256837 +0200
@@ -80,7 +80,7 @@
enabled = false
filter = pam-generic
action = iptables-allports[name=pam,protocol=all]
-logpath = /var/log/secure
+logpath = /var/log/messages
[xinetd-fail]
@@ -97,7 +97,7 @@
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 5
@@ -106,7 +106,7 @@
enabled = false
filter = sshd-ddos
action = iptables[name=SSHDDOS, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 2
@@ -135,7 +135,7 @@
filter = gssftpd
action = iptables[name=GSSFTPd, port=ftp, protocol=tcp]
sendmail-whois[name=GSSFTPd, dest=you@example.com]
-logpath = /var/log/daemon.log
+logpath = /var/log/messages
maxretry = 6
@@ -144,7 +144,7 @@
enabled = false
filter = pure-ftpd
action = iptables[name=pureftpd, port=ftp, protocol=tcp]
-logpath = /var/log/pureftpd.log
+logpath = /var/log/messages
maxretry = 6
@@ -153,7 +153,7 @@
enabled = false
filter = wuftpd
action = iptables[name=wuftpd, port=ftp, protocol=tcp]
-logpath = /var/log/daemon.log
+logpath = /var/log/messages
maxretry = 6
@@ -162,7 +162,7 @@
enabled = false
filter = sendmail-auth
action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp]
-logpath = /var/log/mail.log
+logpath = /var/log/mail
[sendmail-reject]
@@ -170,7 +170,7 @@
enabled = false
filter = sendmail-reject
action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp]
-logpath = /var/log/mail.log
+logpath = /var/log/mail
# This jail forces the backend to "polling".
@@ -181,7 +181,7 @@
backend = polling
action = iptables[name=sasl, port=smtp, protocol=tcp]
sendmail-whois[name=sasl, dest=you@example.com]
-logpath = /var/log/mail.log
+logpath = /var/log/mail
# ASSP SMTP Proxy Jail
@@ -202,7 +202,7 @@
action = hostsdeny[daemon_list=sshd]
sendmail-whois[name=SSH, dest=you@example.com]
ignoreregex = for myuser from
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
# Here we use blackhole routes for not requiring any additional kernel support
@@ -212,7 +212,7 @@
enabled = false
filter = sshd
action = route
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 5
@@ -226,7 +226,7 @@
enabled = false
filter = sshd
action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 5
@@ -235,7 +235,7 @@
enabled = false
filter = sshd
action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 5
@@ -329,7 +329,7 @@
enabled = false
filter = cyrus-imap
action = iptables-multiport[name=cyrus-imap,port="143,993"]
-logpath = /var/log/mail*log
+logpath = /var/log/mail
[courierlogin]
@@ -337,7 +337,7 @@
enabled = false
filter = courierlogin
action = iptables-multiport[name=courierlogin,port="25,110,143,465,587,993,995"]
-logpath = /var/log/mail*log
+logpath = /var/log/mail
[couriersmtp]
@@ -345,7 +345,7 @@
enabled = false
filter = couriersmtp
action = iptables-multiport[name=couriersmtp,port="25,465,587"]
-logpath = /var/log/mail*log
+logpath = /var/log/mail
[qmail-rbl]
@@ -361,7 +361,7 @@
enabled = false
filter = sieve
action = iptables-multiport[name=sieve,port="25,465,587"]
-logpath = /var/log/mail*log
+logpath = /var/log/mail
# Do not ban anybody. Just report information about the remote host.
@@ -396,7 +396,8 @@
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
sendmail-buffered[name=BadBots, lines=5, dest=you@example.com]
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/apache/access_log
+ /var/log/apache2/*/access_log
bantime = 172800
maxretry = 1
@@ -466,7 +467,7 @@
enabled = false
action = iptables-multiport[name=php-url-open, port="http,https"]
filter = php-url-fopen
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/apache/access_log
maxretry = 1
@@ -500,7 +501,7 @@
filter = sshd
action = ipfw[localhost=192.168.0.1]
sendmail-whois[name="SSH,IPFW", dest=you@example.com]
-logpath = /var/log/auth.log
+logpath = /var/log/messages
ignoreip = 168.192.0.1
@@ -531,7 +532,7 @@
filter = named-refused
action = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
sendmail-whois[name=Named, dest=you@example.com]
-logpath = /var/log/named/security.log
+logpath = /var/lib/named/log/security.log
ignoreip = 168.192.0.1
@@ -601,7 +602,7 @@
filter = mysqld-auth
action = iptables[name=mysql, port=3306, protocol=tcp]
sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com]
-logpath = /var/log/mysqld.log
+logpath = /var/log/mysql/mysqld.log
maxretry = 5
@@ -610,7 +611,7 @@
enabled = false
filter = mysqld-auth
action = iptables[name=mysql, port=3306, protocol=tcp]
-logpath = /var/log/daemon.log
+logpath = /var/log/mysql/mysqld.log
maxretry = 5
@@ -637,7 +638,7 @@
enabled = false
filter = sshd
action = pf
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 5
@@ -723,7 +724,7 @@
enabled = false
filter = dovecot
action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp]
-logpath = /var/log/mail.log
+logpath = /var/log/mail
[dovecot-auth]
@@ -731,7 +732,7 @@
enabled = false
filter = dovecot
action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp]
-logpath = /var/log/secure
+logpath = /var/log/mail
[solid-pop3d]
@@ -739,7 +740,7 @@
enabled = false
filter = solid-pop3d
action = iptables-multiport[name=solid-pop3, port="pop3,pop3s", protocol=tcp]
-logpath = /var/log/mail.log
+logpath = /var/log/mail
[selinux-ssh]
@@ -761,7 +762,7 @@
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
blocklist_de[email="fail2ban@example.com", apikey="xxxxxx", service=%(filter)s]
-logpath = /var/log/sshd.log
+logpath = /var/log/messages
maxretry = 20
