mirror of https://github.com/fail2ban/fail2ban
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
92 lines
2.9 KiB
92 lines
2.9 KiB
# Fail2Ban main configuration file |
|
# |
|
# Comments: use '#' for comment lines and ';' (following a space) for inline comments |
|
# |
|
# Changes: in most of the cases you should not modify this |
|
# file, but provide customizations in fail2ban.local file, e.g.: |
|
# |
|
# [DEFAULT] |
|
# loglevel = DEBUG |
|
# |
|
|
|
[DEFAULT] |
|
|
|
# Option: loglevel |
|
# Notes.: Set the log level output. |
|
# CRITICAL |
|
# ERROR |
|
# WARNING |
|
# NOTICE |
|
# INFO |
|
# DEBUG |
|
# Values: [ LEVEL ] Default: INFO |
|
# |
|
loglevel = INFO |
|
|
|
# Option: logtarget |
|
# Notes.: Set the log target. This could be a file, SYSTEMD-JOURNAL, SYSLOG, STDERR or STDOUT. |
|
# Only one log target can be specified. |
|
# If you change logtarget from the default value and you are |
|
# using logrotate -- also adjust or disable rotation in the |
|
# corresponding configuration file |
|
# (e.g. /etc/logrotate.d/fail2ban on Debian systems) |
|
# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | SYSTEMD-JOURNAL | FILE ] Default: STDERR |
|
# |
|
logtarget = /var/log/fail2ban.log |
|
|
|
# Option: syslogsocket |
|
# Notes: Set the syslog socket file. Only used when logtarget is SYSLOG |
|
# auto uses platform.system() to determine predefined paths |
|
# Values: [ auto | FILE ] Default: auto |
|
syslogsocket = auto |
|
|
|
# Option: socket |
|
# Notes.: Set the socket file. This is used to communicate with the daemon. Do |
|
# not remove this file when Fail2ban runs. It will not be possible to |
|
# communicate with the server afterwards. |
|
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock |
|
# |
|
socket = /var/run/fail2ban/fail2ban.sock |
|
|
|
# Option: pidfile |
|
# Notes.: Set the PID file. This is used to store the process ID of the |
|
# fail2ban server. |
|
# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid |
|
# |
|
pidfile = /var/run/fail2ban/fail2ban.pid |
|
|
|
# Option: allowipv6 |
|
# Notes.: Allows IPv6 interface: |
|
# Default: auto |
|
# Values: [ auto yes (on, true, 1) no (off, false, 0) ] Default: auto |
|
#allowipv6 = auto |
|
|
|
# Options: dbfile |
|
# Notes.: Set the file for the fail2ban persistent data to be stored. |
|
# A value of ":memory:" means database is only stored in memory |
|
# and data is lost when fail2ban is stopped. |
|
# A value of "None" disables the database. |
|
# Values: [ None :memory: FILE ] Default: /var/lib/fail2ban/fail2ban.sqlite3 |
|
dbfile = /var/lib/fail2ban/fail2ban.sqlite3 |
|
|
|
# Options: dbpurgeage |
|
# Notes.: Sets age at which bans should be purged from the database |
|
# Values: [ SECONDS ] Default: 86400 (24hours) |
|
dbpurgeage = 1d |
|
|
|
# Options: dbmaxmatches |
|
# Notes.: Number of matches stored in database per ticket (resolvable via |
|
# tags <ipmatches>/<ipjailmatches> in actions) |
|
# Values: [ INT ] Default: 10 |
|
dbmaxmatches = 10 |
|
|
|
[Definition] |
|
|
|
|
|
[Thread] |
|
|
|
# Options: stacksize |
|
# Notes.: Specifies the stack size (in KiB) to be used for subsequently created threads, |
|
# and must be 0 or a positive integer value of at least 32. |
|
# Values: [ SIZE ] Default: 0 (use platform or configured default) |
|
#stacksize = 0
|
|
|