You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
fail2ban/config/jail.conf

79 lines
1.8 KiB

# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision$
#
# The DEFAULT allows a global definition of the options. They can be override
# in each jail afterwards.
[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1
bantime = 600
maxretry = 3
# This jail corresponds to the standard configuration in Fail2ban 0.6.
# The mail-whois action send a notification e-mail with a whois request
# in the body.
[ssh-iptables]
enabled = false
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
mail-whois[name=SSH, dest=yourmail@mail.com]
logpath = /var/log/sshd.log
maxretry = 5
# This one behaves like the previous and sends a report when the jail
# is stopped.
[ssh-iptables-report]
enabled = false
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
mail-whois[name=SSH, dest=yourmail@mail.com]
mail-report[dest=yourmail@mail.com]
logpath = /var/log/sshd.log
maxretry = 5
# Here we use TCP-Wrappers instead of Netfilter/Iptables.
[ssh-tcpwrapper]
enabled = false
filter = sshd
action = hostsdeny
mail-whois[name=SSH, dest=yourmail@mail.com]
logpath = /var/log/sshd.log
# The hosts.deny path can be defined with the "file" argument if it is
# not in /etc.
[postfix-tcpwrapper]
enabled = false
filter = postfix
action = hostsdeny[file=/not/a/standard/path/hosts.deny]
mail[name=Postfix, dest=yourmail@mail.com]
logpath = /var/log/postfix.log
bantime = 300
# Do not ban anybody. Just report information about the remote host.
# A notification is sent at most every 600 seconds (bantime).
[vsftpd-notification]
enabled = false
filter = vsftpd
action = mail-whois[name=VSFTPD, dest=yourmail@mail.com]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 1800