|
|
|
|
@ -147,17 +147,17 @@ logfile = /var/log/apache/access.log
|
|
|
|
|
# Notes.: command executed once at the start of Fail2Ban
|
|
|
|
|
# Values: CMD Default:
|
|
|
|
|
#
|
|
|
|
|
fwstart = iptables -N FAIL2BAN-HTTP
|
|
|
|
|
iptables -I INPUT -i eth0 -p tcp --dport http -j FAIL2BAN-HTTP
|
|
|
|
|
iptables -A FAIL2BAN-HTTP -j RETURN
|
|
|
|
|
fwstart = iptables -N fail2ban-HTTP
|
|
|
|
|
iptables -I INPUT -i eth0 -p tcp --dport http -j fail2ban-HTTP
|
|
|
|
|
iptables -A fail2ban-HTTP -j RETURN
|
|
|
|
|
|
|
|
|
|
# Option: fwend
|
|
|
|
|
# Notes.: command executed once at the end of Fail2Ban
|
|
|
|
|
# Values: CMD Default:
|
|
|
|
|
#
|
|
|
|
|
fwend = iptables -D INPUT -i eth0 -p tcp --dport http -j FAIL2BAN-HTTP
|
|
|
|
|
iptables -D FAIL2BAN-HTTP -j RETURN
|
|
|
|
|
iptables -X FAIL2BAN-HTTP
|
|
|
|
|
fwend = iptables -D INPUT -i eth0 -p tcp --dport http -j fail2ban-HTTP
|
|
|
|
|
iptables -D fail2ban-HTTP -j RETURN
|
|
|
|
|
iptables -X fail2ban-HTTP
|
|
|
|
|
|
|
|
|
|
# Option: fwban
|
|
|
|
|
# Notes.: command executed when banning an IP. Take care that the
|
|
|
|
|
@ -169,7 +169,7 @@ fwend = iptables -D INPUT -i eth0 -p tcp --dport http -j FAIL2BAN-HTTP
|
|
|
|
|
# Values: CMD
|
|
|
|
|
# Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
#
|
|
|
|
|
fwban = iptables -I FAIL2BAN-HTTP 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
fwban = iptables -I fail2ban-HTTP 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
|
|
|
|
|
# Option: fwunban
|
|
|
|
|
# Notes.: command executed when unbanning an IP. Take care that the
|
|
|
|
|
@ -180,7 +180,7 @@ fwban = iptables -I FAIL2BAN-HTTP 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
# Values: CMD
|
|
|
|
|
# Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
|
|
|
|
|
#
|
|
|
|
|
fwunban = iptables -D FAIL2BAN-HTTP -i eth0 -s <ip> -j DROP
|
|
|
|
|
fwunban = iptables -D fail2ban-HTTP -i eth0 -s <ip> -j DROP
|
|
|
|
|
|
|
|
|
|
# Option: timeregex
|
|
|
|
|
# Notes.: regex to match timestamp in Apache logfile.
|
|
|
|
|
@ -219,17 +219,17 @@ logfile = /var/log/auth.log
|
|
|
|
|
# Notes.: command executed once at the start of Fail2Ban
|
|
|
|
|
# Values: CMD Default:
|
|
|
|
|
#
|
|
|
|
|
fwstart = iptables -N FAIL2BAN-SSH
|
|
|
|
|
iptables -I INPUT -i eth0 -p tcp --dport ssh -j FAIL2BAN-SSH
|
|
|
|
|
iptables -A FAIL2BAN-SSH -j RETURN
|
|
|
|
|
fwstart = iptables -N fail2ban-SSH
|
|
|
|
|
iptables -I INPUT -i eth0 -p tcp --dport ssh -j fail2ban-SSH
|
|
|
|
|
iptables -A fail2ban-SSH -j RETURN
|
|
|
|
|
|
|
|
|
|
# Option: fwend
|
|
|
|
|
# Notes.: command executed once at the end of Fail2Ban
|
|
|
|
|
# Values: CMD Default:
|
|
|
|
|
#
|
|
|
|
|
fwend = iptables -D INPUT -i eth0 -p tcp --dport ssh -j FAIL2BAN-SSH
|
|
|
|
|
iptables -D FAIL2BAN-SSH -j RETURN
|
|
|
|
|
iptables -X FAIL2BAN-SSH
|
|
|
|
|
fwend = iptables -D INPUT -i eth0 -p tcp --dport ssh -j fail2ban-SSH
|
|
|
|
|
iptables -D fail2ban-SSH -j RETURN
|
|
|
|
|
iptables -X fail2ban-SSH
|
|
|
|
|
|
|
|
|
|
# Option: fwbanrule
|
|
|
|
|
# Notes.: command executed when banning an IP. Take care that the
|
|
|
|
|
@ -241,7 +241,7 @@ fwend = iptables -D INPUT -i eth0 -p tcp --dport ssh -j FAIL2BAN-SSH
|
|
|
|
|
# Values: CMD
|
|
|
|
|
# Default: iptables -I INPUT 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
#
|
|
|
|
|
fwban = iptables -I FAIL2BAN-SSH 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
fwban = iptables -I fail2ban-SSH 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
|
|
|
|
|
# Option: fwunbanrule
|
|
|
|
|
# Notes.: command executed when unbanning an IP. Take care that the
|
|
|
|
|
@ -252,7 +252,7 @@ fwban = iptables -I FAIL2BAN-SSH 1 -i eth0 -s <ip> -j DROP
|
|
|
|
|
# Values: CMD
|
|
|
|
|
# Default: iptables -D INPUT -i eth0 -s <ip> -j DROP
|
|
|
|
|
#
|
|
|
|
|
fwunban = iptables -D FAIL2BAN-SSH -i eth0 -s <ip> -j DROP
|
|
|
|
|
fwunban = iptables -D fail2ban-SSH -i eth0 -s <ip> -j DROP
|
|
|
|
|
|
|
|
|
|
# Option: timeregex
|
|
|
|
|
# Notes.: regex to match timestamp in SSH logfile.
|
|
|
|
|
|
Yaroslav Halchenko
20 years ago