mirror of https://github.com/fail2ban/fail2ban
DOC: Added suggested by @beilber description of .d/ + added I formatting to all filenames
parent
755f27493e
commit
ca474eb488
|
@ -2,11 +2,11 @@
|
|||
.SH NAME
|
||||
jail.conf \- configuration for the fail2ban server
|
||||
.SH SYNOPSIS
|
||||
.B jail.conf / jail.local
|
||||
.I jail.conf / jail.local
|
||||
|
||||
.B action.d/*.conf action.d/*.local
|
||||
.I action.d/*.conf action.d/*.local
|
||||
|
||||
.B filter.d/*.conf filter.d/*.local
|
||||
.I filter.d/*.conf filter.d/*.local
|
||||
.SH DESCRIPTION
|
||||
Fail2ban has three configuration file types. Action files are the commands for banning and unbanning of IP address,
|
||||
Filter files tell fail2ban how to detect authentication failures, and Jail configurations combine filters with actions into jails.
|
||||
|
@ -18,7 +18,7 @@ For instance, if you would like to customize the [ssh-iptables-ipset] jail, crea
|
|||
it:
|
||||
|
||||
.TP
|
||||
\fBjail.local\fR
|
||||
\fIjail.local\fR
|
||||
[ssh-iptables-ipset]
|
||||
|
||||
enabled = true
|
||||
|
@ -27,8 +27,26 @@ enabled = true
|
|||
Override only the settings you need to change and the rest of the configuration will come from the corresponding
|
||||
*.conf file.
|
||||
|
||||
\fI*.d/\fR
|
||||
.RS
|
||||
In addition to .local, for any .conf file there can be a corresponding
|
||||
.d directory to contain additional .conf files that will be read after the
|
||||
appropriate .local file. Last parsed file will take precidence over
|
||||
identical entries, parsed alphabetically, e.g.
|
||||
|
||||
.RS
|
||||
\fIjail.d/01_enable.conf\fR - to enable a specific jail
|
||||
.RE
|
||||
.RS
|
||||
\fIjail.d/02_custom_port.conf\fR - containing specific configuration entry to change the port of the jail specified in the configuration
|
||||
.RE
|
||||
.RS
|
||||
\fIfail2ban.d/01_custom_log.conf\fR - containing specific configuration entry to use a different log path.
|
||||
.RE
|
||||
.RE
|
||||
|
||||
.SH DEFAULT
|
||||
The following options are applicable to all jails. Their meaning is described in the default jail.conf file.
|
||||
The following options are applicable to all jails. Their meaning is described in the default \fIjail.conf\fR file.
|
||||
.TP
|
||||
\fBignoreip\fR
|
||||
.TP
|
||||
|
@ -44,14 +62,14 @@ The following options are applicable to all jails. Their meaning is described in
|
|||
|
||||
|
||||
.SH "ACTION FILES"
|
||||
Action files specify which commands are executed to ban and unban an IP address. They are located under /etc/fail2ban/action.d.
|
||||
Action files specify which commands are executed to ban and unban an IP address. They are located under \fI/etc/fail2ban/action.d\fR.
|
||||
|
||||
Like with jail.conf files, if you desire local changes create an [actionname].local file in the /etc/fail2ban/action.d directory
|
||||
Like with jail.conf files, if you desire local changes create an \fI[actionname].local\fR file in the \fI/etc/fail2ban/action.d\fR directory
|
||||
and override the required settings.
|
||||
|
||||
Action files are ini files that have two sections, \fBDefinition\fR and \fBInit\fR .
|
||||
|
||||
The [Init] section allows for action-specific settings. In jail.conf/jail.local these can be overwritten for a particular jail as options to the jail.
|
||||
The [Init] section allows for action-specific settings. In \fIjail.conf/jail.local\fR these can be overwritten for a particular jail as options to the jail.
|
||||
|
||||
The following commands can be present in the [Definition] section.
|
||||
.TP
|
||||
|
@ -99,7 +117,7 @@ The concatenated string of the log file lines of the matches that generated the
|
|||
|
||||
.SH FILTER FILES
|
||||
|
||||
Filter definitions are those in /etc/fail2ban/filter.d/*.conf and filter.d/*.local.
|
||||
Filter definitions are those in \fI/etc/fail2ban/filter.d/*.conf\fR and \fIfilter.d/*.local\fR.
|
||||
|
||||
These are used to identify failed authentication attempts in logs and to extract the host IP address (or hostname if \fBusedns\fR is \fBtrue\fR).
|
||||
|
||||
|
|
Loading…
Reference in New Issue