Merge pull request #1 from grooverdan/route

add blocking types
2013-02-18 03:14:33 -08:00 · 2013-02-18 03:14:33 -08:00 · a37ed388e7
parent 03433f79cd 47b1ee39d8
commit a37ed388e7
1 changed files with 8 additions and 2 deletions
--- a/config/action.d/route.conf
+++ b/config/action.d/route.conf
@ -15,5 +15,11 @@
 #   - Blocking is per IP and NOT per service, but ideal as action against ssh password bruteforcing hosts

 [Definition]
-actionban   = ip route add blackhole <ip>
-actionunban = ip route del blackhole <ip>
+actionban   = ip route add <type> <ip>
+actionunban = ip route del <type> <ip>
+
+# Type of blocking
+#
+# Type can be blackhole, unreachable and prohibit. Unreachable and prohibit correspond to the ICMP reject messages.
+
+type = blackhole