From e16c18d091e0142ed906a77533a162ad092d21aa Mon Sep 17 00:00:00 2001
From: Cyril Jaquier <cyril.jaquier@fail2ban.org>
Date: Tue, 27 Jan 2009 23:39:38 +0000
Subject: [PATCH] - Added NetBSD ipfilter (ipf command) action. Thanks to Ed
 Ravin. Tracker #2484115.

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@724 a942ae1a-1317-0410-a47c-b1dcaea8d605
---
 ChangeLog                     |  2 ++
 MANIFEST                      |  1 +
 config/action.d/ipfilter.conf | 57 +++++++++++++++++++++++++++++++++++
 3 files changed, 60 insertions(+)
 create mode 100644 config/action.d/ipfilter.conf

diff --git a/ChangeLog b/ChangeLog
index 6150aea7..1b6b6138 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -29,6 +29,8 @@ ver. 0.8.4 (2008/??/??) - stable
   #1967610.
 - Improved SASL filter. Thanks to Loic Pefferkorn. Tracker
   #2310410.
+- Added NetBSD ipfilter (ipf command) action. Thanks to Ed
+  Ravin. Tracker #2484115.
 
 ver. 0.8.3 (2008/07/17) - stable
 ----------
diff --git a/MANIFEST b/MANIFEST
index 39ca0df8..00040912 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -83,6 +83,7 @@ config/action.d/complain.conf
 config/action.d/dshield.conf
 config/action.d/hostsdeny.conf
 config/action.d/ipfw.conf
+config/action.d/ipfilter.conf
 config/action.d/iptables.conf
 config/action.d/iptables-allports.conf
 config/action.d/iptables-multiport.conf
diff --git a/config/action.d/ipfilter.conf b/config/action.d/ipfilter.conf
new file mode 100644
index 00000000..991d9e58
--- /dev/null
+++ b/config/action.d/ipfilter.conf
@@ -0,0 +1,57 @@
+# Fail2Ban configuration file
+#
+# NetBSD ipfilter (ipf command) ban/unban
+#
+# Author: Ed Ravin <eravin@panix.com>
+#
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+# enable IPF if not already enabled
+actionstart = /sbin/ipf -E
+
+
+# Option:  actionstop
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+# don't disable IPF with "/sbin/ipf -D", there may be other filters in use
+actionstop = 
+
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = 
+
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = echo block in quick from <ip>/32 | /sbin/ipf -f -
+
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+# note -r option used to remove matching rule
+actionunban = echo block in quick from <ip>/32 | /sbin/ipf -r -f -
+
+[Init]
+