Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
# Fail2Ban configuration file## Author: Cyril Jaquier### The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see# file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a# new shorewall rule to ban an IP address, that rule will affect only new# connections. So if the attempter goes on trying using the same connection# he could even log in. In order to get the same behavior of the iptable# action (so that the ban is immediate) the /etc/shorewall/shorewall.conf# file should me modified with "BLACKLISTNEWONLY=No".#[Definition]# Option: actionstart# Notes.: command executed once at the start of Fail2Ban.# Values: CMD#actionstart =# Option: actionstop# Notes.: command executed once at the end of Fail2Ban# Values: CMD#actionstop =# Option: actioncheck# Notes.: command executed once before each actionban command# Values: CMD#actioncheck =# Option: actionban# Notes.: command executed when banning an IP. Take care that the# command is executed with Fail2Ban user rights.# Tags: See jail.conf(5) man page# Values: CMD#actionban = shorewall <blocktype> <ip># Option: actionunban# Notes.: command executed when unbanning an IP. Take care that the# command is executed with Fail2Ban user rights.# Tags: See jail.conf(5) man page# Values: CMD#actionunban = shorewall allow <ip>[Init]# Option: blocktype# Note: This is what the action does with rules.# See man page of shorewall for options that include drop, logdrop, reject, or logreject# Values: STRINGblocktype = reject