github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge c9f008aac7 into dc899e438f

Eduardo Diaz 2025-07-06 22:29:34 -04:00 committed by GitHub
parent dc899e438f c9f008aac7
commit 869d30a684
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
config/action.d/shorewall.conf
View File

@ -12,7 +12,11 @@
# file should be modified with "BLACKLISTNEWONLY=No". Note that as of # file should be modified with "BLACKLISTNEWONLY=No". Note that as of
# Shorewall 4.5.13 BLACKLISTNEWONLY is deprecated; however the equivalent # Shorewall 4.5.13 BLACKLISTNEWONLY is deprecated; however the equivalent
# of BLACKLISTNEWONLY=No can now be achieved by setting BLACKLIST="ALL". # of BLACKLISTNEWONLY=No can now be achieved by setting BLACKLIST="ALL".
# # you can check the list using "shorewall show bl"
#
# Enabling using ipset for shorewall on a single list is a more easy and more efective
# change blocktype = blacklist
# enable on shorewall.comf to "DYNAMIC_BLACKLIST=ipset,disconnect,timeout=0"
[Definition] [Definition]
@ -60,9 +64,9 @@ family =
# Option: blocktype # Option: blocktype
# Note: This is what the action does with rules. # Note: This is what the action does with rules.
# See man page of shorewall for options that include drop, logdrop, reject, or logreject # See man page of shorewall for options that include drop, logdrop, reject, blacklist, or logreject
# Values: STRING # Values: STRING
blocktype = reject blocktype = blacklist
[Init?family=inet6] [Init?family=inet6]