fail2ban | paths-common.conf

# Common


after = paths-overrides.local


default_backend = auto

sshd_log = %(syslog_authpriv)s
sshd_backend = %(default_backend)s

dropbear_log = %(syslog_authpriv)s
dropbear_backend = %(default_backend)s

# There is no sensible generic defaults for syslog log targets, thus
# leaving them empty here so that no errors while parsing/interpolating configs
syslog_daemon =
syslog_ftp =
syslog_local0 =
syslog_mail_warn =
syslog_user =
# Set the default syslog backend target to default_backend
syslog_backend = %(default_backend)s

# from /etc/audit/auditd.conf
auditd_log = /var/log/audit/audit.log

exim_main_log = /var/log/exim/mainlog

nginx_error_log = /var/log/nginx/*error.log

nginx_access_log = /var/log/nginx/*access.log


lighttpd_error_log = /var/log/lighttpd/error.log

# syslog_user is the default. Lighttpd also hooks errors into its log.

suhosin_log = %(syslog_user)s

# defaults to ftp or local2 if ftp doesn't exist
proftpd_log = %(syslog_ftp)s
proftpd_backend = %(default_backend)s

# defaults to ftp but can be overwritten.
pureftpd_log = %(syslog_ftp)s
pureftpd_backend = %(default_backend)s

# ftp, daemon and then local7 are tried at configure time however it is overwriteable at configure time
wuftpd_log = %(syslog_ftp)s
wuftpd_backend = %(default_backend)s

# syslog_enable defaults to no. so it defaults to vsftpd_log_file setting of /var/log/vsftpd.log
# No distro seems to set it to syslog by default
# If syslog set it defaults to ftp facility if exists at compile time otherwise falls back to daemonlog.
vsftpd_log = /var/log/vsftpd.log

# Technically syslog_facility in can overwrite but no-one sane does this.
postfix_log = %(syslog_mail_warn)s
postfix_backend = %(default_backend)s

dovecot_log = %(syslog_mail_warn)s
dovecot_backend = %(default_backend)s

# Seems to be set at compile time only to LOG_LOCAL0 (src/const.h) at Notice level
solidpop3d_log = %(syslog_local0)s

mysql_log = %(syslog_daemon)s
mysql_backend = %(default_backend)s

roundcube_errors_log = /var/log/roundcube/errors

# Directory with ignorecommand scripts
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands

Leave a Reply