github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Update pf.conf fixing #1863 

Fix #1863
Introduce own PF anchors for fail2ban rules.
pull/1866/head
Alexander Köppe 2017-08-16 11:33:45 +02:00 committed by GitHub
parent 099e35103f
commit 55baf93635
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
config/action.d/pf.conf
View File

@ -15,8 +15,8 @@
# #
# we don't enable PF automatically; to enable run pfctl -e # we don't enable PF automatically; to enable run pfctl -e
# or add `pf_enable="YES"` to /etc/rc.conf (tested on FreeBSD) # or add `pf_enable="YES"` to /etc/rc.conf (tested on FreeBSD)
actionstart = echo "table <<tablename>-<name>> persist counters" | pfctl -f- actionstart = echo "table <<tablename>-<name>> persist counters" | pfctl -a f2b/<name> -f-
echo "block proto <protocol> from <<tablename>-<name>> to <actiontype>" | pfctl -f- echo "block proto <protocol> from <<tablename>-<name>> to <actiontype>" | pfctl -a f2b/<name> -f-
# Option: start_on_demand - to start action on demand # Option: start_on_demand - to start action on demand
# Example: `action=pf[actionstart_on_demand=true]` # Example: `action=pf[actionstart_on_demand=true]`
@ -27,16 +27,16 @@ actionstart_on_demand = false
# Values: CMD # Values: CMD
# #
# we only disable PF rules we've installed prior # we only disable PF rules we've installed prior
actionstop = pfctl -sr 2>/dev/null | grep -v <tablename>-<name> | pfctl -f- actionstop = pfctl -a f2b/<name> -sr 2>/dev/null | grep -v <tablename>-<name> | pfctl -a f2b/<name> -f-
pfctl -t <tablename>-<name> -T flush pfctl -a f2b/<name> -t <tablename>-<name> -T flush
pfctl -t <tablename>-<name> -T kill pfctl -a f2b/<name> -t <tablename>-<name> -T kill
# Option: actioncheck # Option: actioncheck
# Notes.: command executed once before each actionban command # Notes.: command executed once before each actionban command
# Values: CMD # Values: CMD
# #
actioncheck = pfctl -sr | grep -q <tablename>-<name> actioncheck = pfctl -a f2b/<name> -sr | grep -q <tablename>-<name>
# Option: actionban # Option: actionban
@ -47,7 +47,7 @@ actioncheck = pfctl -sr | grep -q <tablename>-<name>
# <time> unix timestamp of the ban time # <time> unix timestamp of the ban time
# Values: CMD # Values: CMD
# #
actionban = pfctl -t <tablename>-<name> -T add <ip> actionban = pfctl -a f2b/<name> -t <tablename>-<name> -T add <ip>
# Option: actionunban # Option: actionunban
@ -59,7 +59,7 @@ actionban = pfctl -t <tablename>-<name> -T add <ip>
# Values: CMD # Values: CMD
# #
# note -r option used to remove matching rule # note -r option used to remove matching rule
actionunban = pfctl -t <tablename>-<name> -T delete <ip> actionunban = pfctl -a f2b/<name> -t <tablename>-<name> -T delete <ip>
[Init] [Init]
# Option: tablename # Option: tablename