From b77a6f8e3b9464b28040339ff58ba0d70f5dde04 Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Thu, 1 Feb 2018 20:26:06 +0100 Subject: [PATCH] Updated How to ban something other as host (IP address), like user or mail, etc. (markdown) --- ...g-other-as-host-(IP-address),-like-user-or-mail,-etc..md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/How-to-ban-something-other-as-host-(IP-address),-like-user-or-mail,-etc..md b/How-to-ban-something-other-as-host-(IP-address),-like-user-or-mail,-etc..md index 9868f4f..3a2338a 100644 --- a/How-to-ban-something-other-as-host-(IP-address),-like-user-or-mail,-etc..md +++ b/How-to-ban-something-other-as-host-(IP-address),-like-user-or-mail,-etc..md @@ -48,6 +48,10 @@ Action config file `action.d/test-ban-user.local`: actionstart = actionstop = actioncheck = +# v. 0.10: +actionban = echo 'ban f2b- --user ""' +actionunban = echo 'unban f2b- --user ""' +# v. 0.9: actionban = echo 'ban f2b- --user ' actionunban = echo 'unban f2b- --user ' ``` @@ -89,7 +93,7 @@ failregex = ^DDOS attack detected$ * set small `bantime` (e. g. 1 second) to this "jail" (otherwise no "ban" action will be executed in this time, because "already banned" occurs), e. g. `bantime = 1` * you need to specify only `actionban` parameter in your custom action file: ```INI -actionban = /user/bin/ids-attack.sh '' +actionban = /user/bin/ids-attack.sh "" ``` * `actionban` script will be executed as root (or with user, fail2ban running), so use `su` if other/restricted user needed; - set `usedns`, `ignoreip`, `ignorecommand` as suggested above, otherwise you can get error by comparison with empty/illegal host (that will be found by "failure");
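Review bot: in the first hunk (`@@ -48,6 +48,10`), the added `# v. 0.10:` pair of `actionban`/`actionunban` lines sits directly above the existing v. 0.9 pair and both pairs stay uncommented, so the sample `action.d/test-ban-user.local` now defines each key twice and a reader who copies it as is cannot tell which definition takes effect. Suggest commenting out one pair (for example prefixing the v. 0.9 lines with `#`) or showing the two versions as separate code blocks. Whatever is substituted after `--user` ends up inside a single-quoted shell string, so a sentence in the text on which characters the filter lets through for that value would help anyone who swaps `echo` for a real command.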
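Review bot: in the second hunk (`@@ -89,7 +93,7`), the changed `actionban` line still calls `/user/bin/ids-attack.sh`, which looks like a typo for `/usr/bin/`; since the line is already being touched, it is worth fixing in the same edit. The switch from single to double quotes around the argument also means the shell applies `$` and backtick expansion to whatever is substituted between the quotes, and the context line right below says the script is executed as root, so the page should say why double quotes are needed here and that the value has to be constrained by the `failregex` before it reaches the command line.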