El día 3 de marzo de 2015, 14:54, Ramses <ramses.sevi...@gmail.com> escribió:
> El 03/03/2015, a las 13:29, Maykel Franco <maykeldeb...@gmail.com> escribió:
>
>> Buenas, he querido meter una capa más de seguridad a owncloud en mi
>> casa. He realizado lo siguiente para hacerlo funcionar con owncloud.
>>
>> He copiado el fichero jail.conf a jail.local puesto que por lo visto
>> cuando fail2ban actualiza, te machaca el fichero jail.conf.
>>
>> Una vez realizado esto, he añadido lo siguiente al fichero jail.local:
>>
>> [owncloud-login]
>> enabled = true
>> port = 8000
>> filter = owncloud-login
>> logpath = /var/lib/owncloud/data/owncloud.log
>> maxretry = 3
>
> ¿Porque te falta la Acción?
>
>
> Saludos,
>
> Ramses
>
>> Lo que me quedaba, era meter el filtro en filter.d, llamado
>> owncloud-login.conf (importante el .conf si no no te lo coge y da
>> error fail2ban, lógicamente).
>>
>>
>> [Definition]
>> failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login
>> failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For:
>> '.*'\)","level":2,"time":".*"}
>>
>> Si esto lo pruebo con el comando fail2ban-regex me funciona correctamente:
>>
>> Running tests
>> =============
>>
>> Use regex file : /etc/fail2ban/filter.d/owncloud-login.conf
>> Use log file : /var/lib/owncloud/data/owncloud.log
>>
>>
>> Results
>> =======
>>
>> Failregex
>> |- Regular expressions:
>> | [1] {"reqId":".*","remoteAddr":".*","app":"core","message":"Login
>> failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For:
>> '.*'\)","level":2,"time":".*"}
>> |
>> `- Number of matches:
>> [1] 95 match(es)
>>
>> Ignoreregex
>> |- Regular expressions:
>> |
>> `- Number of matches:
>>
>> Summary
>> =======
>>
>> Addresses found:
>> [1]
>> 192.168.0.33 (Mon Mar 02 15:31:12 2015)
>> 192.168.0.33 (Mon Mar 02 17:19:57 2015)
>> 192.168.0.33 (Mon Mar 02 17:20:04 2015)
>> 192.168.0.33 (Tue Mar 03 09:01:15 2015)
>> 192.168.0.33 (Tue Mar 03 09:01:19 2015)
>> 192.168.0.33 (Tue Mar 03 09:01:23 2015)
>> 192.168.0.33 (Tue Mar 03 09:01:28 2015)
>> 192.168.0.33 (Tue Mar 03 10:24:06 2015)
>> 192.168.0.33 (Tue Mar 03 10:24:17 2015)
>> 192.168.0.33 (Tue Mar 03 10:24:33 2015)
>> 192.168.0.33 (Tue Mar 03 10:37:44 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:25 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:31 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:35 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:37 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:39 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:42 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:43 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:54 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:55 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:57 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:58 2015)
>> 192.168.0.33 (Tue Mar 03 10:42:59 2015)
>> 192.168.0.33 (Tue Mar 03 10:43:00 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:33 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:36 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:37 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:39 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:41 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:42 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:44 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:45 2015)
>> 192.168.0.33 (Tue Mar 03 10:45:47 2015)
>> 192.168.0.33 (Tue Mar 03 10:58:55 2015)
>> 192.168.0.33 (Tue Mar 03 10:58:57 2015)
>> 192.168.0.33 (Tue Mar 03 10:58:59 2015)
>> 192.168.0.33 (Tue Mar 03 10:59:01 2015)
>> 192.168.0.33 (Tue Mar 03 10:59:05 2015)
>> 192.168.0.33 (Tue Mar 03 10:59:06 2015)
>> 192.168.0.33 (Tue Mar 03 10:59:09 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:32 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:38 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:40 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:41 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:43 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:44 2015)
>> 192.168.0.33 (Tue Mar 03 11:06:46 2015)
>> 192.168.0.33 (Tue Mar 03 11:07:11 2015)
>> 192.168.0.33 (Tue Mar 03 11:07:13 2015)
>> 192.168.0.33 (Tue Mar 03 11:07:14 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:45 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:47 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:48 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:50 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:51 2015)
>> 192.168.0.33 (Tue Mar 03 11:08:53 2015)
>> 192.168.0.33 (Tue Mar 03 11:14:15 2015)
>> 192.168.0.33 (Tue Mar 03 11:14:17 2015)
>> 192.168.0.33 (Tue Mar 03 11:14:18 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:13 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:16 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:22 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:27 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:33 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:35 2015)
>> 192.168.0.33 (Tue Mar 03 12:09:58 2015)
>> 192.168.0.33 (Tue Mar 03 12:10:05 2015)
>> 192.168.0.33 (Tue Mar 03 12:10:32 2015)
>> 192.168.0.33 (Tue Mar 03 12:10:34 2015)
>> 192.168.0.33 (Tue Mar 03 12:14:14 2015)
>> 192.168.0.33 (Tue Mar 03 12:14:17 2015)
>> 192.168.0.33 (Tue Mar 03 12:14:19 2015)
>> 192.168.0.33 (Tue Mar 03 12:14:21 2015)
>> 192.168.0.33 (Tue Mar 03 12:14:55 2015)
>> 192.168.0.33 (Tue Mar 03 12:15:02 2015)
>> 192.168.0.33 (Tue Mar 03 12:15:04 2015)
>> 192.168.0.33 (Tue Mar 03 12:15:06 2015)
>> 192.168.0.33 (Tue Mar 03 12:15:08 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:35 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:38 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:40 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:41 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:42 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:44 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:46 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:47 2015)
>> 192.168.0.33 (Tue Mar 03 12:21:49 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:35 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:36 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:37 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:40 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:42 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:43 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:45 2015)
>> 192.168.0.33 (Tue Mar 03 12:22:46 2015)
>>
>> Date template hits:
>> 0 hit(s): MONTH Day Hour:Minute:Second
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second Year
>> 0 hit(s): WEEKDAY MONTH Day Hour:Minute:Second
>> 0 hit(s): Year/Month/Day Hour:Minute:Second
>> 0 hit(s): Day/Month/Year Hour:Minute:Second
>> 0 hit(s): Day/Month/Year Hour:Minute:Second
>> 0 hit(s): Day/MONTH/Year:Hour:Minute:Second
>> 0 hit(s): Month/Day/Year:Hour:Minute:Second
>> 0 hit(s): Year-Month-Day Hour:Minute:Second
>> 0 hit(s): Year.Month.Day Hour:Minute:Second
>> 0 hit(s): Day-MONTH-Year Hour:Minute:Second[.Millisecond]
>> 0 hit(s): Day-Month-Year Hour:Minute:Second
>> 0 hit(s): TAI64N
>> 0 hit(s): Epoch
>> 33757 hit(s): ISO 8601
>> 0 hit(s): Hour:Minute:Second
>> 0 hit(s): <Month/Day/Year@Hour:Minute:Second>
>>
>> Success, the total number of match is 95
>>
>> However, look at the above section 'Running tests' which could contain
>> important
>> information.
>>
>>
>> Pero el tema es que no me añade la regla en iptables... No entiendo
>> por qué...He aumentado el debug en fail2ban, y veo que detecta cambios
>> en el fichero de log de owncloud y demás pero no entiendo por qué no
>> me pone la regla en iptables...
>>
>> He probado con ssh en la instalación por defecto y me bloquea
>> perfectamente...
>>
>> Alguna idea?
>>
>> Gracias de antemano.
>>
>> Saludos.
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>> Archive:
>> https://lists.debian.org/caj2aoa_ll-cxkfp72+cujp3thjvxjfctvtunhswjvagxvxt...@mail.gmail.com
>>
Gracias por contestar Ramses pero no era por eso. Era por lo que he
comentado del timezone. El action ahora le he añadido para enviar mail
de notificación.
Saludos.
--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/caj2aoa9a3coxnm7bqypmyfc9g2u7b_ksbxxknxn5jrwh4yv...@mail.gmail.com
