Subversion Repositories configs

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
4 - 1 
# Fail2Ban configuration file
2 
#
3 
# Author: Cyril Jaquier
4 
#
5 
#
6 
# The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see
7 
# file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a
8 
# new shorewall rule to ban an IP address, that rule will affect only new
9 
# connections. So if the attempter goes on trying using the same connection
10 
# he could even log in. In order to get the same behavior of the iptable
11 
# action (so that the ban is immediate) the /etc/shorewall/shorewall.conf
12 
# file should me modified with "BLACKLISTNEWONLY=No".
13 
#
14 
 
15 
[Definition]
16 
 
17 
# Option:  actionstart
18 
# Notes.:  command executed once at the start of Fail2Ban.
19 
# Values:  CMD
20 
#
21 
actionstart =
22 
 
23 
# Option:  actionstop
24 
# Notes.:  command executed once at the end of Fail2Ban
25 
# Values:  CMD
26 
#
27 
actionstop =
28 
 
29 
# Option:  actioncheck
30 
# Notes.:  command executed once before each actionban command
31 
# Values:  CMD
32 
#
33 
actioncheck =
34 
 
35 
# Option:  actionban
36 
# Notes.:  command executed when banning an IP. Take care that the
37 
#          command is executed with Fail2Ban user rights.
38 
# Tags:    See jail.conf(5) man page
39 
# Values:  CMD
40 
#
41 
actionban = shorewall <blocktype> <ip>
42 
 
43 
# Option:  actionunban
44 
# Notes.:  command executed when unbanning an IP. Take care that the
45 
#          command is executed with Fail2Ban user rights.
46 
# Tags:    See jail.conf(5) man page
47 
# Values:  CMD
48 
#
49 
actionunban = shorewall allow <ip>
50 
 
51 
[Init]
52 
 
53 
# Option:  blocktype
54 
# Note:    This is what the action does with rules.
55 
#          See man page of shorewall for options that include drop, logdrop, reject, or logreject
56 
# Values:  STRING
57 
blocktype = reject