diff options
author | Cyril Jaquier <cyril.jaquier@fail2ban.org> | 2004-10-12 21:45:41 +0000 |
---|---|---|
committer | Cyril Jaquier <cyril.jaquier@fail2ban.org> | 2004-10-12 21:45:41 +0000 |
commit | 03d73b78f84f717c1c221315f2ed53a4f59b6629 (patch) | |
tree | eaeab4a08109353190946487809f4d031465855b | |
parent | 4eeb61c0e163a429ffeccfa10fb1270e6af98bd4 (diff) | |
download | fail2ban-0.1.0.tar.gz |
- Setup and dist files0.1.0
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@22 a942ae1a-1317-0410-a47c-b1dcaea8d605
-rw-r--r-- | CHANGELOG | 12 | ||||
-rw-r--r-- | MANIFEST | 12 | ||||
-rw-r--r-- | README | 116 | ||||
-rw-r--r-- | setup.cfg | 5 | ||||
-rwxr-xr-x | setup.py | 42 | ||||
-rw-r--r-- | version.py | 27 |
6 files changed, 214 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG new file mode 100644 index 00000000..23a93525 --- /dev/null +++ b/CHANGELOG @@ -0,0 +1,12 @@ + __ _ _ ___ _ + / _|__ _(_) |_ ) |__ __ _ _ _ + | _/ _` | | |/ /| '_ \/ _` | ' \ + |_| \__,_|_|_/___|_.__/\__,_|_||_| + +============================================================= +Fail2Ban (version 0.1.0) 10/12/2004 +============================================================= + +ver. 0.1.0 (10/12/2004) - alpha +---------- +- Initial release diff --git a/MANIFEST b/MANIFEST new file mode 100644 index 00000000..233eed8b --- /dev/null +++ b/MANIFEST @@ -0,0 +1,12 @@ +README +CHANGELOG +setup.cfg +setup.py +version.py +fail2ban.py +firewall/__init__.py +firewall/firewall.py +firewall/iptables.py +logreader/__init__.py +logreader/logreader.py +logreader/metalog.py @@ -0,0 +1,116 @@ + __ _ _ ___ _ + / _|__ _(_) |_ ) |__ __ _ _ _ + | _/ _` | | |/ /| '_ \/ _` | ' \ + |_| \__,_|_|_/___|_.__/\__,_|_||_| + +============================================================= +Fail2Ban (version 0.1.0) 10/12/2004 +============================================================= + +Fail2Ban scans log files like /var/log/pwdfail and bans IP +that makes too much password failures. It updates firewall +rules to reject the IP address. Currently metalog and +iptables are supported but it should work with other syslog +daemons. It needs log4py. + +This is my first Python program. I began learning Python for +less than one week so please be understanding ;-) English is +not either my mother tongue... + + +More details: +------------- + +Fail2Ban is rather simple. I have a home server connected to +the Internet which runs apache, samba, sshd, ... I see in my +logs that people are trying to log into my box using "manual" +brute force or scripts. They try 10, 20 and sometimes more +user/password (without success anyway). In order to +discourage these script kiddies, I wanted that sshd refuse +login from a specific ip after 3 password failures. After +some google searches, I found that sshd was not able of that. +So I search for a script or program that do it. Found +nothing :-( So I decide to write mine and to learn Python :-) + +I read the log file (/var/log/pwdfail/current on metalog) and +search for line with "Failed password". Then get the ip and +if it has already done 3 or more password failure in the last +banTime, I ban the ip for banTime using a iptable rule. After +banTime, the rule is deleted. + +Runs on my server and does its job rather well :-) The idea +is to make fail2ban usable with most syslog daemons and +services that require a login (sshd, telnetd, ...). It should +also support others firewalls than iptables. + + +Installation: +------------- + +Require: python-2.? (http://www.python.org) + log4py-1.1 (http://sourceforge.net/projects/log4py) + +To install, just do: + +> tar xvfj fail2ban-0.1.0.tar.bz2 +> cd fail2ban-0.1.0 +> python setup.py install + +Fail2Ban should now be correctly installed. Just type: + +> fail2ban.py -h + +to see if everything is alright. + + +Configuration: +-------------- + +For the time, there is no configuration file. You must use +commande line options instead. Here are the options: + + -b start fail2ban in background + -d start fail2ban in debug mode + -f <FILE> read password failure from FILE + -h display this help message + -l <FILE> log message in FILE + -t <TIME> ban IP for TIME seconds + -v verbose + + +Contact: +-------- + +You need some new features, you found bugs or you just +appreciate this program, you can contact me at : + +Website: http://www.sourceforge.net/projects/fail2ban + +Cyril Jaquier: <lostcontrol@users.sourceforge.net> + + +Thanks: +------- + +Kévin Drapel, Marvin Rouge + + +License: +-------- + +Fail2Ban is free software; you can redistribute it +and/or modify it under the terms of the GNU General Public +License as published by the Free Software Foundation; either +version 2 of the License, or (at your option) any later +version. + +Fail2Ban is distributed in the hope that it will be +useful, but WITHOUT ANY WARRANTY; without even the implied +warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +PURPOSE. See the GNU General Public License for more +details. + +You should have received a copy of the GNU General Public +License along with Fail2Ban; if not, write to the Free +Software Foundation, Inc., 59 Temple Place, Suite 330, +Boston, MA 02111-1307 USA diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 00000000..fba97f88 --- /dev/null +++ b/setup.cfg @@ -0,0 +1,5 @@ +[install] +install-purelib=/usr/lib/fail2ban + +[sdist] +formats=bztar diff --git a/setup.py b/setup.py new file mode 100755 index 00000000..b1eafeda --- /dev/null +++ b/setup.py @@ -0,0 +1,42 @@ +#!/usr/bin/env python + +# This file is part of Fail2Ban. +# +# Fail2Ban is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Fail2Ban is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Fail2Ban; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +# Author: Cyril Jaquier +# +# $Revision$ + +__author__ = "Cyril Jaquier" +__version__ = "$Revision$" +__date__ = "$Date$" +__copyright__ = "Copyright (c) 2004 Cyril Jaquier" +__license__ = "GPL" + +from distutils.core import setup +from version import version + +setup( + name = "fail2ban", + version = version, + description = "Ban IPs that make too much password failure", + author = "Cyril Jaquier", + author_email = "lostcontrol@users.sourceforge.net", + url = "http://www.sourceforge.net/projects/fail2ban", + scripts = ['fail2ban.py'], + py_modules = ['version'], + packages = ['firewall', 'logreader'] +)
\ No newline at end of file diff --git a/version.py b/version.py new file mode 100644 index 00000000..41ddf79c --- /dev/null +++ b/version.py @@ -0,0 +1,27 @@ +# This file is part of Fail2Ban. +# +# Fail2Ban is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Fail2Ban is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Fail2Ban; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +# Author: Cyril Jaquier +# +# $Revision$ + +__author__ = "Cyril Jaquier" +__version__ = "$Revision$" +__date__ = "$Date$" +__copyright__ = "Copyright (c) 2004 Cyril Jaquier" +__license__ = "GPL" + +version = "0.1.0"
\ No newline at end of file |