mirror of https://github.com/fail2ban/fail2ban
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
62 lines
2.0 KiB
62 lines
2.0 KiB
10 years ago
|
# Fail2Ban configuration file
|
||
|
#
|
||
|
# Author: Donald Yandt
|
||
|
# Because of the --remove-rules in stop this action requires firewalld-0.3.8+
|
||
|
|
||
|
[INCLUDES]
|
||
|
|
||
|
before = iptables-blocktype.conf
|
||
|
|
||
|
[Definition]
|
||
|
|
||
|
actionstart = firewall-cmd --direct --add-chain ipv4 filter f2b-<name>
|
||
|
firewall-cmd --direct --add-rule ipv4 filter f2b-<name> 1000 -j RETURN
|
||
|
firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> -m multiport --dports <port> -j f2b-<name>
|
||
|
|
||
|
actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> -m multiport --dports <port> -j f2b-<name>
|
||
|
firewall-cmd --direct --remove-rules ipv4 filter f2b-<name>
|
||
|
firewall-cmd --direct --remove-chain ipv4 filter f2b-<name>
|
||
|
|
||
|
# Note: uses regular expression word boundaries '\b'
|
||
|
# Example actioncheck: firewall-cmd --direct --get-chains ipv4 filter | grep -q '\bf2b-apache-modsecurity\b'
|
||
|
actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '\bf2b-<name>\b'
|
||
|
|
||
|
actionban = firewall-cmd --direct --add-rule ipv4 filter f2b-<name> 0 -s <ip> -j <blocktype>
|
||
|
|
||
|
actionunban = firewall-cmd --direct --remove-rule ipv4 filter f2b-<name> 0 -s <ip> -j <blocktype>
|
||
|
|
||
|
[Init]
|
||
|
|
||
|
# Default name of the chain
|
||
|
name = default
|
||
|
|
||
|
chain = INPUT_direct
|
||
|
|
||
|
port = 1:65535
|
||
|
|
||
|
# Option: protocol
|
||
|
# Values: [ tcp | udp | icmp | all ]
|
||
|
|
||
|
protocol = tcp
|
||
|
|
||
|
|
||
|
|
||
|
# DEV NOTES:
|
||
|
#
|
||
|
# Author: Donald Yandt
|
||
|
# Uses "FirewallD" instead of the "iptables daemon".
|
||
|
#
|
||
|
#
|
||
|
# Output:
|
||
|
# actionstart:
|
||
|
# $ firewall-cmd --direct --add-chain ipv4 filter f2b-apache-modsecurity
|
||
|
# success
|
||
|
# $ firewall-cmd --direct --add-rule ipv4 filter f2b-apache-modsecurity 1000 -j RETURN
|
||
|
# success
|
||
|
# $ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -m state --state NEW -p tcp -m multiport --dports 80,443 -j f2b-apache-modsecurity
|
||
|
# success
|
||
|
# actioncheck:
|
||
|
# $ firewall-cmd --direct --get-chains ipv4 filter f2b-apache-modsecurity | grep -q '\bf2b-apache-modsecurity\b'
|
||
|
# f2b-apache-modsecurity
|
||
|
|