Merge pull request #778 from yarikoptic/enh/symbiosis

ENH: symbiosis-blacklist-allports action

ChangeLog

@@ -50,9 +50,11 @@ ver. 0.9.1 (2014/xx/xx) - better, faster, stronger
    * postfix-sasl -- added journalmatch.  Thanks Luc Maisonobe
 
 - New features:
-   - Added
-     - monit filter. Thanks Jason H Martin
-     - directadmin filter. Thanks niorg
+   - New filters:
+     - monit  Thanks Jason H Martin
+     - directadmin  Thanks niorg
+   - New actions:
+     - symbiosis-blacklist-allports  for Bytemark symbiosis firewall
    - fail2ban-client can fetch the running server version
    - Added Cloudflare API action
 

config/action.d/symbiosis-blacklist-allports.conf

@@ -0,0 +1,52 @@
+# Fail2Ban configuration file for Bytemark Symbiosis firewall
+#
+# Author: Yaroslav Halchenko
+#
+
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart =
+
+# Option:  actionstop
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop =
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = iptables -n -L <chain>
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP.
+# Values:  CMD
+#
+actionban = echo 'all' >| /etc/symbiosis/firewall/blacklist.d/<ip>.auto
+            iptables -I <chain> 1 -s <ip> -j <blocktype>
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP.
+# Values:  CMD
+#
+actionunban = rm -f /etc/symbiosis/firewall/blacklist.d/<ip>.auto
+              iptables -D <chain> -s <ip> -j <blocktype> || :
+
+[Init]
+
+# Option:  chain
+# Notes    specifies the iptables chain to which the fail2ban rules should be
+#          added to.  blacklist is a chain initiated by symbiosis firewall.
+# Values:  STRING  Default: blacklist
+chain = blacklist
+
+# Option:  blocktype
+# Note:    This is to match default symbiosis firewall type for blacklisted IPs
+# Values:  STRING
+blocktype = DROP