|
|
|
@ -33,14 +33,14 @@
|
|
|
|
|
# from address list to server |
|
|
|
|
# |
|
|
|
|
# example extract from jail.local overriding some defaults |
|
|
|
|
# action = mikrotik[mtikkeyfile="%(mkeyfile)s", mtikuser="%(muser)s", mtikhost="%(mhost)s", mtiklistname="%(mlistname)s"] |
|
|
|
|
# action = mikrotik[keyfile="%(mkeyfile)s", user="%(muser)s", host="%(mhost)s", list="%(mlist)s"] |
|
|
|
|
# |
|
|
|
|
# ignoreip = 127.0.0.1/8 192.168.0.0/24 |
|
|
|
|
|
|
|
|
|
# mkeyfile = /etc/fail2ban/ssh/mykey_id_rsa |
|
|
|
|
# muser = myuser |
|
|
|
|
# mhost = 192.168.0.1 |
|
|
|
|
# mlistname = BAD LIST |
|
|
|
|
# mlist = BAD LIST |
|
|
|
|
|
|
|
|
|
[Definition] |
|
|
|
|
|
|
|
|
@ -48,35 +48,35 @@ actionstart =
|
|
|
|
|
|
|
|
|
|
actionstop = %(actionflush)s |
|
|
|
|
|
|
|
|
|
actionflush = %(mtikcommand)s "/ip firewall address-list remove [find list=\"%(mtiklistname)s\" comment~\"%(startcomment)s-*\"]" |
|
|
|
|
actionflush = %(command)s "/ip firewall address-list remove [find list=\"%(list)s\" comment~\"%(startcomment)s-*\"]" |
|
|
|
|
|
|
|
|
|
actioncheck = |
|
|
|
|
|
|
|
|
|
actionban = %(mtikcommand)s "/ip firewall address-list add list=\"%(mtiklistname)s\" address=<ip> comment=%(mtikcomment)s" |
|
|
|
|
actionban = %(command)s "/ip firewall address-list add list=\"%(list)s\" address=<ip> comment=%(comment)s" |
|
|
|
|
|
|
|
|
|
actionunban = %(mtikcommand)s "/ip firewall address-list remove [find list=\"%(mtiklistname)s\" comment=%(mtikcomment)s]" |
|
|
|
|
actionunban = %(command)s "/ip firewall address-list remove [find list=\"%(list)s\" comment=%(comment)s]" |
|
|
|
|
|
|
|
|
|
mtikcommand = ssh -l %(mtikuser)s -p%(mtikport)s -i %(mtikkeyfile)s %(mtikhost)s |
|
|
|
|
mtikcommand = ssh -l %(user)s -p%(port)s -i %(keyfile)s %(host)s |
|
|
|
|
|
|
|
|
|
# Option: mktikuser |
|
|
|
|
# Option: user |
|
|
|
|
# Notes.: username to use when connecting to routerOS |
|
|
|
|
mtikuser = |
|
|
|
|
# Option: mtikport |
|
|
|
|
# Option: port |
|
|
|
|
# Notes.: port to use when connecting to routerOS |
|
|
|
|
mtikport = 22 |
|
|
|
|
# Option: mtikkeyfile |
|
|
|
|
# Option: keyfile |
|
|
|
|
# Notes.: ssh private key to use for connecting to routerOS |
|
|
|
|
mtikkeyfile = |
|
|
|
|
# Option: mtikhost |
|
|
|
|
# Option: host |
|
|
|
|
# Notes.: hostname or ip of router |
|
|
|
|
mtikhost = |
|
|
|
|
# Option: mtiklistname |
|
|
|
|
# Option: list |
|
|
|
|
# Notes.: name of "address-list" to use on router |
|
|
|
|
mtiklistname = Auto Fail2Ban |
|
|
|
|
mtiklistname = Fail2Ban |
|
|
|
|
# Option: startcomment |
|
|
|
|
# Notes.: used as a prefix to all comments, and used to match for flushing rules |
|
|
|
|
startcomment = f2b-<name> |
|
|
|
|
# Option: mtikcomment |
|
|
|
|
# Option: comment |
|
|
|
|
# Notes.: comment to use on routerOS (must be unique as used for ip address removal) |
|
|
|
|
mtikcomment = %(startcomment)s-<ip> |
|
|
|
|
|
|
|
|
|
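Review bot: In the second hunk the action lines now interpolate `%(command)s`, `%(user)s`, `%(port)s`, `%(keyfile)s`, `%(host)s`, `%(list)s` and `%(comment)s`, but the definitions further down still appear under the old keys (`mtikcommand =`, `mtikuser =`, `mtikport = 22`, `mtikkeyfile =`, `mtikhost =`, `mtiklistname = Fail2Ban`, `mtikcomment = ...`). The page has lost its `+`/`-` markers, so this reading of the new side is inferred; if it is right, the references do not resolve and `actionban`/`actionunban` never reach the router, so offending addresses stay unblocked without any obvious error. Rename the definitions together with the references, e.g. `command = ssh -l %(user)s -p%(port)s -i %(keyfile)s %(host)s`, `list = Fail2Ban`, `comment = %(startcomment)s-<ip>`, and likewise `user`, `port`, `keyfile` and `host`. The header example in the first hunk should also end up with only `mlist = BAD LIST`, to match the `list="%(mlist)s"` argument. Since this action runs `ssh` unattended, the `# Notes.:` line for `keyfile` could also say that the private key must be readable only by the account fail2ban runs as, and that the router user should be limited to what the address-list commands need.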