diff --git a/CHANGELOG b/CHANGELOG index da66b0a1..f69366fa 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -24,6 +24,8 @@ ver. 0.8.1 (2007/??/??) - stable Delvit - Removed textToDns() which is not required anymore. Thanks to Yaroslav Halchenko +- Added new action iptables-allports. Thanks to Yaroslav + Halchenko ver. 0.8.0 (2007/05/03) - stable ---------- diff --git a/config/action.d/iptables-allports.conf b/config/action.d/iptables-allports.conf new file mode 100644 index 00000000..a95065d4 --- /dev/null +++ b/config/action.d/iptables-allports.conf @@ -0,0 +1,65 @@ +# Fail2Ban configuration file +# +# Author: Cyril Jaquier +# Modified: Yaroslav O. Halchenko +# made active on all ports from original iptables.conf +# +# $Revision$ +# + +[Definition] + +# Option: actionstart +# Notes.: command executed once at the start of Fail2Ban. +# Values: CMD +# +actionstart = iptables -N fail2ban- + iptables -A fail2ban- -j RETURN + iptables -I INPUT -p -j fail2ban- + +# Option: actionend +# Notes.: command executed once at the end of Fail2Ban +# Values: CMD +# +actionstop = iptables -D INPUT -p -j fail2ban- + iptables -F fail2ban- + iptables -X fail2ban- + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = iptables -n -L INPUT | grep -q fail2ban- + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: IP address +# number of failures +#