specified default protocol (tcp) and specified udp for jail for named

debian/jail.conf

@@ -44,19 +44,22 @@ destemail = root@localhost
 banaction = iptables-multiport
 
 
+# Default protocol
+protocol = tcp
+
 #
 # Action shortcuts. To be used to define action parameter
 
 # The simplest action to take: ban only
-action_ = %(banaction)s[name=%(__name__)s, port="%(port)s"]
+action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
 
 # ban & send an e-mail with whois report to the destemail.
-action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s"]
-              mail-whois[name=%(__name__)s, dest="%(destemail)s"]
+action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
+              mail-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s]
 
 # ban & send an e-mail with whois report and relevant log lines
 # to the destemail.
-action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s"]
+action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s]
                mail-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s]
  
 # Choose default action.  To change, just override value of 'action' with the
@@ -73,6 +76,7 @@ action = %(action_)s
 #
 # [SECTION_NAME] 
 # enabled = true
+
 #
 # in /etc/fail2ban/jail.local.
 #
@@ -230,5 +234,6 @@ logpath  = /var/log/mail.log
 
 enabled  = false
 port	 = domain,953
+protocol = udp
 filter   = named-refused
 logpath  = /var/log/named/lame-servers.log