Rev 5 | Blame | Compare with Previous | Last modification | View Log | RSS feed
# Fail2Ban configuration file## Author: Cyril Jaquier# Modified-By: Yaroslav Halchenko to include grepping on IP over log files#[INCLUDES]before = mail-whois-common.conf[Definition]# Option: actionstart# Notes.: command executed once at the start of Fail2Ban.# Values: CMD#actionstart = printf %%b "Hi,\nThe jail <name> has been started successfully.\nRegards,\nFail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest># Option: actionstop# Notes.: command executed once at the end of Fail2Ban# Values: CMD#actionstop = printf %%b "Hi,\nThe jail <name> has been stopped.\nRegards,\nFail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest># Option: actioncheck# Notes.: command executed once before each actionban command# Values: CMD#actioncheck =# Option: actionban# Notes.: command executed when banning an IP. Take care that the# command is executed with Fail2Ban user rights.# Tags: See jail.conf(5) man page# Values: CMD#actionban = printf %%b "Hi,\nThe IP <ip> has just been banned by Fail2Ban after<failures> attempts against <name>.\n\nHere is more information about <ip> :\n`%(_whois_command)s`\n\nLines containing IP:<ip> in <logpath>\n`grep -E <grepopts> '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\nRegards,\nFail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest># Option: actionunban# Notes.: command executed when unbanning an IP. Take care that the# command is executed with Fail2Ban user rights.# Tags: See jail.conf(5) man page# Values: CMD#actionunban =[Init]# Default name of the chain#name = default# Destinataire of the mail#dest = root# Path to the log files which contain relevant lines for the abuser IP#logpath = /dev/null# Number of log lines to include in the email#grepopts = -m 1000