Subversion Repositories configs

Rev

Rev 34 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
5 - 1
# Fail2Ban configuration file
2
#
3
# Author: Steven Hiscocks
4
#
5
#
6
 
7
# Action to report IP address to blocklist.de
8
# Blocklist.de must be signed up to at www.blocklist.de
9
# Once registered, one or more servers can be added.
34 - 10
# This action requires the server 'email address' and the associated apikey.
5 - 11
#
12
# From blocklist.de:
13
#   www.blocklist.de is a free and voluntary service provided by a
14
#   Fraud/Abuse-specialist, whose servers are often attacked on SSH-,
15
#   Mail-Login-, FTP-, Webserver- and other services.
34 - 16
#   The mission is to report all attacks to the abuse departments of the
5 - 17
#   infected PCs/servers to ensure that the responsible provider can inform
18
#   the customer about the infection and disable them
19
#
20
# IMPORTANT:
21
#
22
# Reporting an IP of abuse is a serious complaint. Make sure that it is
23
# serious. Fail2ban developers and network owners recommend you only use this
24
# action for:
25
#   * The recidive where the IP has been banned multiple times
26
#   * Where maxretry has been set quite high, beyond the normal user typing
27
#     password incorrectly.
34 - 28
#   * For filters that have a low likelihood of receiving human errors
5 - 29
#
30
 
31
[Definition]
32
 
33
# Option:  actionstart
34
# Notes.:  command executed once at the start of Fail2Ban.
35
# Values:  CMD
36
#
37
actionstart =
38
 
39
# Option:  actionstop
40
# Notes.:  command executed once at the end of Fail2Ban
41
# Values:  CMD
42
#
43
actionstop =
44
 
45
# Option:  actioncheck
46
# Notes.:  command executed once before each actionban command
47
# Values:  CMD
48
#
49
actioncheck =
50
 
51
# Option:  actionban
52
# Notes.:  command executed when banning an IP. Take care that the
53
#          command is executed with Fail2Ban user rights.
54
# Tags:    See jail.conf(5) man page
55
# Values:  CMD
56
#
71 - 57
actionban = curl --fail --data-urlencode 'server=<email>' --data 'apikey=<apikey>' --data 'service=<service>' --data 'ip=<ip>' --data-urlencode 'logs=<matches>' --data 'format=text' --user-agent "<agent>" "https://www.blocklist.de/en/httpreports.html"
5 - 58
 
59
# Option:  actionunban
60
# Notes.:  command executed when unbanning an IP. Take care that the
61
#          command is executed with Fail2Ban user rights.
62
# Tags:    See jail.conf(5) man page
63
# Values:  CMD
64
#
65
actionunban =
66
 
67
[Init]
68
 
69
# Option:  email
70
# Notes    server email address, as per blocklise.de account
71
# Values:  STRING  Default: None
72
#
73
#email =
74
 
75
# Option:  apikey
76
# Notes    your user blocklist.de user account apikey
77
# Values:  STRING  Default: None
78
#
79
#apikey =
80
 
81
# Option:  service
82
# Notes    service name you are reporting on, typically aligns with filter name
83
#          see http://www.blocklist.de/en/httpreports.html for full list
84
# Values:  STRING  Default: None
85
#
86
#service =