github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

action.d/ufw.conf: amend to #3018: parameter `kill-mode` extended with conntrack

pull/3064/head
Sergey G. Brester 4 years ago committed by GitHub
parent
c7a86b4616
commit
bbfff18280
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      config/action.d/ufw.conf

3
config/action.d/ufw.conf
Unescape View File

@ -33,13 +33,14 @@ actionunban = if [ -n "<application>" ] && ufw app info "<application>"
fi
# Option: kill-mode
# Notes.: can be set to ss (may be extended later with other modes) to immediately drop all connections from banned IP, default empty (no kill)
# Notes.: can be set to ss or conntrack (may be extended later with other modes) to immediately drop all connections from banned IP, default empty (no kill)
# Example: banaction = ufw[kill-mode=ss]
kill-mode =
# intern conditional parameter used to provide killing mode after ban:
_kill_ =
_kill_ss = ss -K dst "[<ip>]"
_kill_conntrack = conntrack -D -s "<ip>"
# Option: kill
# Notes.: can be used to specify custom killing feature, by default depending on option kill-mode

Write Preview
Loading…
Cancel
Save