#! /bin/sh /usr/share/dpatch/dpatch-run
## 00_iptables_mports.dpatch by Yaroslav Halchenko <debian@onerussian.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad fail2ban-0.7.6~/config/action.d/iptables-multiport.conf fail2ban-0.7.6/config/action.d/iptables-multiport.conf
--- fail2ban-0.7.6~/config/action.d/iptables-multiport.conf	1969-12-31 19:00:00.000000000 -0500
+++ fail2ban-0.7.6/config/action.d/iptables-multiport.conf	2007-01-19 10:40:54.000000000 -0500
@@ -0,0 +1,69 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified by Yaroslav Halchenko for multiport banning
+# $Revision: 520 $
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = iptables -N fail2ban-<name>
+              iptables -A fail2ban-<name> -j RETURN
+              iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+
+# Option:  actionend
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+             iptables -F fail2ban-<name>
+             iptables -X fail2ban-<name>
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
+
+[Init]
+
+# Defaut name of the chain
+#
+name = default
+
+# Option:  port
+# Notes.:  specifies port to monitor
+# Values:  [ NUM | STRING ]  Default:
+#
+port = ssh
+
+# Option:  protocol
+# Notes.:  internally used by config reader for interpolations.
+# Values:  [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+