From 8de61532771167bf08454df05c90bd41f20137ce Mon Sep 17 00:00:00 2001 From: Robert Kuntz Date: Mon, 31 Oct 2022 22:47:14 +0100 Subject: [PATCH] Cloudflare list feature added add a new cloudflare action with list support --- THANKS | 1 + config/action.d/cloudflare-list.conf | 99 +++++ config/action.d/cloudflare.php | 570 +++++++++++++++++++++++++++ 3 files changed, 670 insertions(+) create mode 100644 config/action.d/cloudflare-list.conf create mode 100644 config/action.d/cloudflare.php diff --git a/THANKS b/THANKS index 9dd2e47c..43e96103 100644 --- a/THANKS +++ b/THANKS @@ -106,6 +106,7 @@ Raphaël Marichez RealRancor René Berber Robert Edeker +Robert Kuntz Rolf Fokkens Roman Gelfand Russell Odom diff --git a/config/action.d/cloudflare-list.conf b/config/action.d/cloudflare-list.conf new file mode 100644 index 00000000..2ed0e804 --- /dev/null +++ b/config/action.d/cloudflare-list.conf @@ -0,0 +1,99 @@ +# Fail2Ban configuration file +# +# Author: Robert Kuntz +# +# +# INFO +# +# This is a new implementation for Cloudflare wich using the list function for Cloudflare +# to work with the new free plans +# +# +# IMPORTANT +# +# Please set jail.local's permission to 640 because it contains your CF API token. +# +# +# API INFORMATIONS +# +# API Documentation: https://api.cloudflare.com/ +# API: https://api.cloudflare.com/client/v4/ +# To get your Cloudflare API token: https://developers.cloudflare.com/api/tokens/create/ + + +[Definition] + +# Option: actionstart +# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). +# Values: CMD +# +actionstart = php /etc/fail2ban/action.d/cloudflare.php start + +# Option: actionstop +# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +# Values: CMD +# +actionstop = php /etc/fail2ban/action.d/cloudflare.php stop + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = + +# Option: actionrepair +# Notes.: Command executed in order to restore sane environment in error case. +# Values: CMD +actionrepair = + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: IP address +# number of failures +#