DOC: document incompatiblity between APF and iptables-* actions. Closes gh-510

config/action.d/apf.conf

@@ -1,45 +1,17 @@
 # Fail2Ban configuration file
+# https://www.rfxn.com/projects/advanced-policy-firewall/
 #
-# Author: Mark McKinstry
+# Note: APF doesn't play nicely with other actions. It has been observed to
+# remove bans created by other iptables based actions. If you are going to use
+# this action, use it for all of your jails.
 #
+# DON'T MIX APF and other IPTABLES based actions
 [Definition]
 
-# Option:  actionstart
-# Notes.:  command executed once at the start of Fail2Ban.
-# Values:  CMD
-#
 actionstart = 
-
-# Option:  actionstop
-# Notes.:  command executed once at the end of Fail2Ban
-# Values:  CMD
-#
 actionstop = 
-
-# Option:  actioncheck
-# Notes.:  command executed once before each actionban command
-# Values:  CMD
-#
 actioncheck = 
-
-# Option:  actionban
-# Notes.:  command executed when banning an IP. Take care that the
-#          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
-# Values:  CMD
-#
 actionban = apf --deny <ip> "banned by Fail2Ban <name>"
-
-# Option:  actionunban
-# Notes.:  command executed when unbanning an IP. Take care that the
-#          command is executed with Fail2Ban user rights.
-# Tags:    <ip>  IP address
-#          <failures>  number of failures
-#          <time>  unix timestamp of the ban time
-# Values:  CMD
-#
 actionunban = apf --remove <ip>
 
 [Init]
@@ -48,3 +20,4 @@ actionunban = apf --remove <ip>
 #
 name = default
 
+# Author: Mark McKinstry