upload

2025-10-28 21:27:10 +01:00
commit 7b41672d05
14 changed files with 1253 additions and 0 deletions
--- a/config.ini
+++ b/config.ini
@@ -0,0 +1,42 @@
+[general]
+debug = false
+log_file = /var/log/logmon.log
+pid_file = /var/run/logmon.pid
+backend = csf
+
+[backend_csf]
+csf_path = /usr/sbin/csf
+# Dodatkowe opcje CSF
+
+[backend_nftables]
+table_name = filter
+chain_name = logmon_block
+
+[backend_iptables]
+chain_name = LOGMON_BLOCK
+
+[backend_ufw]
+# UFW nie wymaga dodatkowych parametrów
+
+[module_postfix]
+enabled = true
+log_file = /var/log/mail.log
+# Alternatywnie dla systemd:
+# use_journald = true
+# journald_unit = postfix.service
+
+# Parametry detekcji
+max_failures = 5
+time_window = 60
+ban_duration = 86400
+
+# Wzorce do wykrywania
+patterns = auth_failed,sasl_failed
+
+[pattern_auth_failed]
+regex = authentication failed
+score = 1
+
+[pattern_sasl_failed]
+regex = SASL [A-Z\-\d]+ authentication failed
+score = 2