From 26c54c45380a5a84863e8ea64619d8842d7b5854 Mon Sep 17 00:00:00 2001 From: Cyril Jaquier Date: Wed, 8 Aug 2007 22:13:09 +0000 Subject: [PATCH] - Added new action iptables-allports. Thanks to Yaroslav Halchenko git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@606 a942ae1a-1317-0410-a47c-b1dcaea8d605 --- CHANGELOG | 2 + config/action.d/iptables-allports.conf | 65 ++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100644 config/action.d/iptables-allports.conf diff --git a/CHANGELOG b/CHANGELOG index da66b0a1..f69366fa 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -24,6 +24,8 @@ ver. 0.8.1 (2007/??/??) - stable Delvit - Removed textToDns() which is not required anymore. Thanks to Yaroslav Halchenko +- Added new action iptables-allports. Thanks to Yaroslav + Halchenko ver. 0.8.0 (2007/05/03) - stable ---------- diff --git a/config/action.d/iptables-allports.conf b/config/action.d/iptables-allports.conf new file mode 100644 index 00000000..a95065d4 --- /dev/null +++ b/config/action.d/iptables-allports.conf @@ -0,0 +1,65 @@ +# Fail2Ban configuration file +# +# Author: Cyril Jaquier +# Modified: Yaroslav O. Halchenko +# made active on all ports from original iptables.conf +# +# $Revision$ +# + +[Definition] + +# Option: actionstart +# Notes.: command executed once at the start of Fail2Ban. +# Values: CMD +# +actionstart = iptables -N fail2ban- + iptables -A fail2ban- -j RETURN + iptables -I INPUT -p -j fail2ban- + +# Option: actionend +# Notes.: command executed once at the end of Fail2Ban +# Values: CMD +# +actionstop = iptables -D INPUT -p -j fail2ban- + iptables -F fail2ban- + iptables -X fail2ban- + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = iptables -n -L INPUT | grep -q fail2ban- + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: IP address +# number of failures +#