# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision$
#

# The DEFAULT allows a global definition of the options. They can be override
# in each jail afterwards.

[DEFAULT]

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1
bantime  = 600
maxretry = 3


# This jail corresponds to the standard configuration in Fail2ban 0.6.
# The mail-whois action send a notification e-mail with a whois request
# in the body.

[ssh-iptables]

enabled  = false
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           mail-whois[name=SSH, dest=yourmail@mail.com]
logpath  = /var/log/sshd.log
maxretry = 5

# This one behaves like the previous and sends a report when the jail
# is stopped.

[ssh-iptables-report]

enabled  = false
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           mail-whois[name=SSH, dest=yourmail@mail.com]
           mail-report[dest=yourmail@mail.com]
logpath  = /var/log/sshd.log
maxretry = 5

# Here we use TCP-Wrappers instead of Netfilter/Iptables.

[ssh-tcpwrapper]

enabled  = false
filter   = sshd
action   = hostsdeny
           mail-whois[name=SSH, dest=yourmail@mail.com]
logpath  = /var/log/sshd.log


# The hosts.deny path can be defined with the "file" argument if it is
# not in /etc.

[postfix-tcpwrapper]

enabled  = false
filter   = postfix
action   = hostsdeny[file=/not/a/standard/path/hosts.deny]
           mail[name=Postfix, dest=yourmail@mail.com]
logpath  = /var/log/postfix.log
bantime  = 300

# Do not ban anybody. Just report information about the remote host.
# A notification is sent at most every 600 seconds (bantime).

[vsftpd-notification]

enabled  = false
filter   = vsftpd
action   = mail-whois[name=VSFTPD, dest=yourmail@mail.com]
logpath  = /var/log/vsftpd.log
maxretry = 5
bantime  = 1800