|
|
|
|
@ -106,7 +106,7 @@ actionunban = if [ -f <tmpfile>.first ]; then
|
|
|
|
|
# Option: port
|
|
|
|
|
# Notes.: The target port for the attack (numerical). MUST be provided in the
|
|
|
|
|
# jail config, as it cannot be detected here.
|
|
|
|
|
# Values: [ NUM ] Default: ???
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
port = ???
|
|
|
|
|
|
|
|
|
|
@ -114,7 +114,7 @@ port = ???
|
|
|
|
|
# Notes.: Your DShield user ID. Should be provided either in the jail config or
|
|
|
|
|
# in a .local file.
|
|
|
|
|
# Register at https://secure.dshield.org/register.html
|
|
|
|
|
# Values: [ NUM ] Default: 0
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
userid = 0
|
|
|
|
|
|
|
|
|
|
@ -137,7 +137,7 @@ protocol = tcp
|
|
|
|
|
# Notes.: How many lines to buffer before making a report. Regardless of this,
|
|
|
|
|
# reports are sent a minimum of <minreportinterval> apart, or if the
|
|
|
|
|
# buffer contains an event over <maxbufferage> old, or on shutdown
|
|
|
|
|
# Values: [ NUM ] Default: 50
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
lines = 50
|
|
|
|
|
|
|
|
|
|
@ -145,7 +145,7 @@ lines = 50
|
|
|
|
|
# Notes.: Minimum period (in seconds) that must elapse before we submit another
|
|
|
|
|
# batch of reports. DShield request a minimum of 1 hour (3600 secs)
|
|
|
|
|
# between reports.
|
|
|
|
|
# Values: [ NUM ] Default: 3600
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
minreportinterval = 3600
|
|
|
|
|
|
|
|
|
|
@ -154,27 +154,27 @@ minreportinterval = 3600
|
|
|
|
|
# submit the batch, even if we haven't reached <lines> yet. Note that
|
|
|
|
|
# this is only checked on each ban/unban, and that we always send
|
|
|
|
|
# anything in the buffer on shutdown. Must be greater than
|
|
|
|
|
# Values: [ NUM ] Default: 21600 (6 hours)
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
maxbufferage = 21600
|
|
|
|
|
|
|
|
|
|
# Option: srcport
|
|
|
|
|
# Notes.: The source port of the attack. You're unlikely to have this info, so
|
|
|
|
|
# you can leave the default
|
|
|
|
|
# Values: [ NUM ] Default: ???
|
|
|
|
|
# Values: [ NUM ]
|
|
|
|
|
#
|
|
|
|
|
srcport = ???
|
|
|
|
|
|
|
|
|
|
# Option: tcpflags
|
|
|
|
|
# Notes.: TCP flags on attack. You're unlikely to have this info, so you can
|
|
|
|
|
# leave empty
|
|
|
|
|
# Values: [ STRING ] Default: (empty)
|
|
|
|
|
# Values: [ STRING ]
|
|
|
|
|
#
|
|
|
|
|
tcpflags =
|
|
|
|
|
|
|
|
|
|
# Option: mailcmd
|
|
|
|
|
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
|
|
|
|
|
# Values: CMD Default: mail -s
|
|
|
|
|
# Values: CMD
|
|
|
|
|
#
|
|
|
|
|
mailcmd = mail -s
|
|
|
|
|
|
|
|
|
|
@ -186,19 +186,19 @@ mailcmd = mail -s
|
|
|
|
|
# the one configured at DShield - the '--' indicates arguments to be
|
|
|
|
|
# passed to Sendmail):
|
|
|
|
|
# -- -f me@example.com
|
|
|
|
|
# Values: [ STRING ] Default: (empty)
|
|
|
|
|
# Values: [ STRING ]
|
|
|
|
|
#
|
|
|
|
|
mailargs =
|
|
|
|
|
|
|
|
|
|
# Option: dest
|
|
|
|
|
# Notes.: Destination e-mail address for reports
|
|
|
|
|
# Values: [ STRING ] Default: reports@dshield.org
|
|
|
|
|
# Values: [ STRING ]
|
|
|
|
|
#
|
|
|
|
|
dest = reports@dshield.org
|
|
|
|
|
|
|
|
|
|
# Option: tmpfile
|
|
|
|
|
# Notes.: Base name of temporary files used for buffering
|
|
|
|
|
# Values: [ STRING ] Default: /var/run/fail2ban/tmp-dshield
|
|
|
|
|
# Values: [ STRING ]
|
|
|
|
|
#
|
|
|
|
|
tmpfile = /var/run/fail2ban/tmp-dshield
|
|
|
|
|
|
|
|
|
|
|
Yaroslav Halchenko
11 years ago