mirror of https://github.com/fail2ban/fail2ban
- Clean up configuration files
git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@281 a942ae1a-1317-0410-a47c-b1dcaea8d6050.x
Cyril Jaquier
parent
ad279c9f17
commit
d7682360bc
|
|
@ -1,55 +0,0 @@
|
||||||
# Fail2Ban configuration file
|
|
||||||
#
|
|
||||||
# Author: Cyril Jaquier
|
|
||||||
#
|
|
||||||
# $Revision$
|
|
||||||
#
|
|
||||||
|
|
||||||
[Definition]
|
|
||||||
|
|
||||||
# Option: protocol
|
|
||||||
# Notes.: internally used by config reader for interpolations.
|
|
||||||
# Values: [ tcp | udp | icmp | all ] Default: tcp
|
|
||||||
#
|
|
||||||
protocol = tcp
|
|
||||||
|
|
||||||
# Option: fwstart
|
|
||||||
# Notes.: command executed once at the start of Fail2Ban.
|
|
||||||
# Values: CMD Default:
|
|
||||||
#
|
|
||||||
actionstart = touch /tmp/fail2ban.foo
|
|
||||||
|
|
||||||
# Option: fwend
|
|
||||||
# Notes.: command executed once at the end of Fail2Ban
|
|
||||||
# Values: CMD Default:
|
|
||||||
#
|
|
||||||
actionstop = rm -f /tmp/fail2ban.foo
|
|
||||||
|
|
||||||
# Option: fwcheck
|
|
||||||
# Notes.: command executed once before each fwban command
|
|
||||||
# Values: CMD Default:
|
|
||||||
#
|
|
||||||
actioncheck = [ -e "/tmp/fail2ban.foo" ]
|
|
||||||
|
|
||||||
# Option: fwban
|
|
||||||
# Notes.: command executed when banning an IP. Take care that the
|
|
||||||
# command is executed with Fail2Ban user rights.
|
|
||||||
# Tags: <ip> IP address
|
|
||||||
# <failures> number of failures
|
|
||||||
# <failtime> unix timestamp of the last failure
|
|
||||||
# <bantime> unix timestamp of the ban time
|
|
||||||
# Values: CMD
|
|
||||||
# Default: iptables -I INPUT 1 -s <ip> -j DROP
|
|
||||||
#
|
|
||||||
actionban = echo "+<ip>" >> /tmp/fail2ban.foo
|
|
||||||
|
|
||||||
# Option: fwunban
|
|
||||||
# Notes.: command executed when unbanning an IP. Take care that the
|
|
||||||
# command is executed with Fail2Ban user rights.
|
|
||||||
# Tags: <ip> IP address
|
|
||||||
# <bantime> unix timestamp of the ban time
|
|
||||||
# <unbantime> unix timestamp of the unban time
|
|
||||||
# Values: CMD
|
|
||||||
# Default: iptables -D INPUT -s <ip> -j DROP
|
|
||||||
#
|
|
||||||
actionunban = echo "-<ip>" >> /tmp/fail2ban.foo
|
|
||||||
|
|
@ -7,6 +7,18 @@
|
||||||
|
|
||||||
[Definition]
|
[Definition]
|
||||||
|
|
||||||
|
# Option: loglevel
|
||||||
|
# Notes.: Set the log level output.
|
||||||
|
# 1 = ERROR
|
||||||
|
# 2 = WARN
|
||||||
|
# 3 = INFO
|
||||||
|
# 4 = DEBUG
|
||||||
|
# Values: NUM Default: 3
|
||||||
|
#
|
||||||
loglevel = 3
|
loglevel = 3
|
||||||
|
|
||||||
|
# Option: logtarget
|
||||||
|
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR.
|
||||||
|
# Values: STDERR SYSLOG file Default: /var/log/fail2ban.log
|
||||||
|
#
|
||||||
logtarget = /var/log/fail2ban.log
|
logtarget = /var/log/fail2ban.log
|
||||||
|
|
|
||||||
|
|
@ -7,23 +7,9 @@
|
||||||
|
|
||||||
[dummy]
|
[dummy]
|
||||||
|
|
||||||
enabled = true
|
enabled = false
|
||||||
filter = sshd
|
filter = sshd
|
||||||
action = hostsdeny[file=/tmp/hosts.deny]
|
action = hostsdeny[file=/tmp/hosts.deny]
|
||||||
mail[name=SSH, dest=cyril.jaquier@bluewin.ch]
|
mail[name=SSH, dest=cyril.jaquier@bluewin.ch]
|
||||||
maxretry = 2
|
maxretry = 2
|
||||||
bantime = 10
|
bantime = 10
|
||||||
|
|
||||||
[ssh]
|
|
||||||
|
|
||||||
enabled = false
|
|
||||||
filter = sshd
|
|
||||||
action = iptables
|
|
||||||
bantime = 10
|
|
||||||
|
|
||||||
[apache-error]
|
|
||||||
|
|
||||||
enabled = false
|
|
||||||
filter = apache-error
|
|
||||||
action = hostdeny
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue