ENH: add ufw action based off Guilhem Lettron's work in lp-#701522. Closes gh-455

2013-12-14 00:34:12 +00:00 · 2013-12-14 00:34:12 +00:00 · f35345ecaa
parent d402701b9f
commit f35345ecaa
3 changed files with 35 additions and 0 deletions
--- a/1
+++ b/1
@ -33,6 +33,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better
  - remove indentation of name and loglevel while logging to SYSLOG to
    resolve syslog(-ng) parsing problems. Closes Debian bug #730202.
  - added squid filter. Thanks Roman Gelfand.
+  - added ufw action. Thanks Guilhem Lettron. lp-#701522

 - New Features:

--- a/1
+++ b/1
@ -31,6 +31,7 @@ ftoppi
 François Boulogne
 Frédéric
 Georgiy Mernov
+Guilhem Lettron
 Guillaume Delvit
 Hanno 'Rince' Wagner
 Iain Lea
--- a/config/action.d/ufw.conf
+++ b/config/action.d/ufw.conf
@ -0,0 +1,33 @@
+# Fail2Ban action configuration file for ufw
+#
+# Author: Guilhem Lettron
+# Enhancements: Daniel Black
+
+[Definition]
+
+actionstart = 
+
+actionstop = 
+
+actioncheck = 
+
+actionban = [ -n "<application>" ] && app="app <application>" ; ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
+
+actionunban = [ -n "<application>" ] && app="app <application>" ; ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: insertpos
+# Notes.:  The postition number in the firewall list to insert the block rule
+insertpos = 2
+
+# Option: blocktype
+# Notes.: reject or deny
+blocktype = reject
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application =