# Fail2Ban configuration file # # Author: Cyril Jaquier # # # The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see # file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a # new shorewall rule to ban an IP address, that rule will affect only new # connections. So if the attempter goes on trying using the same connection # he could even log in. In order to get the same behavior of the iptable # action (so that the ban is immediate) the /etc/shorewall/shorewall.conf # file should me modified with "BLACKLISTNEWONLY=No". # [Definition] # Option: actionstart # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # actionstart = # Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # actionstop = # Option: actioncheck # Notes.: command executed once before each actionban command # Values: CMD # actioncheck = # Option: actionban # Notes.: command executed when banning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: See jail.conf(5) man page # Values: CMD # actionban = shorewall # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: See jail.conf(5) man page # Values: CMD # actionunban = shorewall allow [Init] # Option: blocktype # Note: This is what the action does with rules. # See man page of shorewall for options that include drop, logdrop, reject, or logreject # Values: STRING blocktype = reject