diff --git a/ChangeLog b/ChangeLog index c3811a47a..9415acb25 100644 --- a/ChangeLog +++ b/ChangeLog @@ -41,6 +41,8 @@ ver. 0.8.11 (2013/XX/XXX) - loves-unittests closes gh-343. - New Features: + Anonymous: + * action.d/osx-afctl - an action based on afctl for osx Daniel Black & ykimon * filter.d/3proxy.conf -- filter added Daniel Black diff --git a/config/action.d/osx-afctl.conf b/config/action.d/osx-afctl.conf new file mode 100644 index 000000000..a319fc6bc --- /dev/null +++ b/config/action.d/osx-afctl.conf @@ -0,0 +1,16 @@ +# Fail2Ban configuration file for using afctl on Mac OS X Server 10.5 +# +# Anonymous author +# http://www.fail2ban.org/wiki/index.php?title=HOWTO_Mac_OS_X_Server_(10.5)&diff=prev&oldid=4081 +# +# Ref: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/afctl.8.html + +[Definition] +actionstart = +actionstop = +actioncheck = +actionban = /usr/libexec/afctl -a -t +actionunban = /usr/libexec/afctl -r + +[Init] +bantime = 2880 diff --git a/config/jail.conf b/config/jail.conf index 86c619118..c16e93664 100644 --- a/config/jail.conf +++ b/config/jail.conf @@ -416,3 +416,9 @@ filter = perdition action = iptables-multiport[name=perdition,port="110,143,993,995"] logpath = /var/log/maillog + +[osx-ssh-afctl] +enabled = false +filter = sshd +action = osx-afctl[bantime=600] +logpath = /var/log/secure.log