[INCLUDES]
#before = paths-distro.conf
-before = paths-debian.conf
+before = paths-common.conf
# The DEFAULT allows a global definition of the options. They can be overridden
# in each jail afterwards.
# MISCELLANEOUS OPTIONS
#
+syslog_user = /var/log/user.log
+
+syslog_ftp = /var/log/syslog
+
+syslog_daemon = /var/log/daemon.log
+
# "bantime.increment" allows to use database for searching of previously banned ip's to increase a
# default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32...
#bantime.increment = true
--- /dev/null
+# Common
+#
+
+[INCLUDES]
+
+after = paths-overrides.local
+
+[DEFAULT]
+
+default_backend = %(default/backend)s
+
+# Initial common values (to overwrite in path-<distribution>.conf)...
+# There is no sensible generic defaults for syslog log targets, thus
+# leaving them empty here (resp. set to mostly used variant) in order
+# to avoid errors while parsing/interpolating configs.
+#
+# Note systemd-backend does not need the logpath at all.
+#
+syslog_local0 = /var/log/messages
+
+syslog_authpriv = /var/log/auth.log
+syslog_daemon = %(syslog_local0)s
+syslog_ftp = %(syslog_local0)s
+syslog_mail =
+syslog_mail_warn =
+syslog_user = %(syslog_local0)s
+
+# Set the default syslog backend target to default_backend
+syslog_backend = %(default_backend)s
+
+# Default values for several jails:
+
+sshd_log = %(syslog_authpriv)s
+sshd_backend = %(default_backend)s
+
+dropbear_log = %(syslog_authpriv)s
+dropbear_backend = %(default_backend)s
+
+apache_error_log = /var/log/apache2/*error.log
+
+apache_access_log = /var/log/apache2/*access.log
+
+# from /etc/audit/auditd.conf
+auditd_log = /var/log/audit/audit.log
+
+exim_main_log = /var/log/exim/mainlog
+
+nginx_error_log = /var/log/nginx/*error.log
+
+nginx_access_log = /var/log/nginx/*access.log
+
+
+lighttpd_error_log = /var/log/lighttpd/error.log
+
+# http://www.hardened-php.net/suhosin/configuration.html#suhosin.log.syslog.facility
+# syslog_user is the default. Lighttpd also hooks errors into its log.
+
+suhosin_log = %(syslog_user)s
+ %(lighttpd_error_log)s
+
+# defaults to ftp or local2 if ftp doesn't exist
+proftpd_log = %(syslog_ftp)s
+proftpd_backend = %(default_backend)s
+
+# http://svnweb.freebsd.org/ports/head/ftp/proftpd/files/patch-src_proftpd.8.in?view=markup
+# defaults to ftp but can be overwritten.
+pureftpd_log = %(syslog_ftp)s
+pureftpd_backend = %(default_backend)s
+
+# ftp, daemon and then local7 are tried at configure time however it is overwriteable at configure time
+#
+wuftpd_log = %(syslog_ftp)s
+wuftpd_backend = %(default_backend)s
+
+# syslog_enable defaults to no. so it defaults to vsftpd_log_file setting of /var/log/vsftpd.log
+# No distro seems to set it to syslog by default
+# If syslog set it defaults to ftp facility if exists at compile time otherwise falls back to daemonlog.
+vsftpd_log = /var/log/vsftpd.log
+
+# Technically syslog_facility in main.cf can overwrite but no-one sane does this.
+postfix_log = %(syslog_mail_warn)s
+postfix_backend = %(default_backend)s
+
+dovecot_log = %(syslog_mail_warn)s
+dovecot_backend = %(default_backend)s
+
+# Seems to be set at compile time only to LOG_LOCAL0 (src/const.h) at Notice level
+solidpop3d_log = %(syslog_local0)s
+
+mysql_log = %(syslog_daemon)s
+mysql_backend = %(default_backend)s
+
+roundcube_errors_log = /var/log/roundcube/errors
+
+# Directory with ignorecommand scripts
+ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands
projects / server.git / commitdiff