From 6e18508a07f69fe47f30a1ec7789ba59e23a8101 Mon Sep 17 00:00:00 2001
From: roedie <github@roedie.nl>
Date: Sun, 11 Dec 2016 20:44:54 +0100
Subject: [PATCH] Add shorewall IPv6 support Small patch which allow fail2ban
 to use shorewall for IPv6 bans.

---
 config/action.d/shorewall.conf | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/config/action.d/shorewall.conf b/config/action.d/shorewall.conf
index f5f2c775..b5532c8a 100644
--- a/config/action.d/shorewall.conf
+++ b/config/action.d/shorewall.conf
@@ -34,6 +34,8 @@ actionstop =
 #
 actioncheck = 
 
+[Init]
+
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
 #          command is executed with Fail2Ban user rights.
@@ -50,10 +52,33 @@ actionban = shorewall <blocktype> <ip>
 #
 actionunban = shorewall allow <ip>
 
-[Init]
-
 # Option:  blocktype
 # Note:    This is what the action does with rules.
 #          See man page of shorewall for options that include drop, logdrop, reject, or logreject
 # Values:  STRING
 blocktype = reject
+
+[Init?family=inet6]
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    See jail.conf(5) man page
+# Values:  CMD
+#
+actionban = shorewall6 <blocktype> <ip>
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    See jail.conf(5) man page
+# Values:  CMD
+#
+actionunban = shorewall6 allow <ip>
+
+# Option:  blocktype
+# Note:    This is what the action does with rules.
+#          See man page of shorewall6 for options that include drop, logdrop, reject, or logreject
+# Values:  STRING
+blocktype = reject
+