Commit Graph

12 Commits (57caf8ec90d2858649012e0a049b6605de3c383c)

Author SHA1 Message Date
sebres 067b76fc9e Merge branch '0.10' into 0.11 2020-08-04 15:40:59 +02:00
sebres 73a8175bb0 resolves names conflict (command action timeout and ipset timeout); closes gh-2790 2020-08-04 13:22:02 +02:00
sebres 1588200274 Merge branch '0.10' into 0.11 2020-05-25 18:58:05 +02:00
sebres 87a1a2f1a1 action.d/*-ipset*.conf: several ipset actions fixed (no timeout per default anymore), so no discrepancy between ipset and fail2ban (removal from ipset will be managed by fail2ban only) 2020-04-25 14:52:38 +02:00
sebres 8a0c06ba9e Merge branch '0.10' into 0.11 2018-09-14 11:01:40 +02:00
sebres d01fe9d22a action.d/*.conf: correct comments for actionstart/actionstop 2018-09-12 16:01:57 +02:00
sebres 309a1cb337 restore timeout for ipset-based actions: on some systems ipset created without default timeout may cause "Kernel error received: Unknown error -1" (gh-1994);
thus new option `default-timeout` introduced (because of dynamical bantime in 0.10, it cannot be used here).
2017-12-06 02:38:10 +01:00
sebres c21b4e4d56 [ban-time-incr] prolong ban, dynamic bantime, etc.:
- dynamic bantime: introduces new action-tag `<bantime>` corresponds to the current ban-time of the ticket;
  Note: because it is dynamic, it should be normally removed from `jail.conf` (resp. `jail.local`).
- introduced new action command `actionprolong`, used for prolongation of the timeout (ban-time of the ticket);
- removed default `timeout` from `actionstart` of several actions;
- faster and safer function escapeTag (replacement at once in one run, '\n' and '\r' escaped also);
2017-05-17 13:25:06 +02:00
Yaroslav Halchenko 0041bc3770 DOC: Changelog for shorewall-ipset-proto6.conf + adjusted its description 2015-07-26 23:10:08 -04:00
ediazrod 5fdd1d1ded Update shorewall-ipset-proto6.conf 2015-03-23 00:56:37 +01:00
ediazrod e26a1ad6b6 Update shorewall-ipset-proto6.conf 2015-03-23 00:55:06 +01:00
ediazrod d0887f3234 This is a especific configuration for shorewall ipset proto6
Use ipset proto6 in shorewall. You must follow the rules to enable ipset in you blacklist

if you have a lot of spam (my case) is better use ipset rather than shorewall command line (is my firewall)
stop fail2ban with shorewall on one list of 1000 Ips takes 5 min with ipset in shorewall 10 sec.
2015-02-26 18:48:31 +01:00