From f82f937497dd4c11ab62563ba2ab1993b9b68ed5 Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Thu, 14 Mar 2019 21:20:23 +0100 Subject: [PATCH] highlighting ini-blocks --- Proper-fail2ban-configuration.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Proper-fail2ban-configuration.md b/Proper-fail2ban-configuration.md index 4aa5ab9..37ef61f 100644 --- a/Proper-fail2ban-configuration.md +++ b/Proper-fail2ban-configuration.md @@ -10,7 +10,7 @@ Since this stock files may be overwritten by the package upgrades, or because yo So to set your jail configuration, don't change `jail.conf`. To customize some filter configuration, don't change `filter.conf`. Instead, create a new file with `.local` extension and write there only the settings to overwrite resp. to extend the values of original configuration. For example any values defined in `jail.local` will override those in `jail.conf` in the same sections (e. g. `[DEFAULT]`). So for example if original `.conf` file contains: -``` +```ini [DEFAULT] logpath = /path/to/log @@ -22,7 +22,7 @@ enabled = true enabled = true ``` And you'll create a `.local` file contains: -``` +```ini [DEFAULT] logpath = /my-path/to/log ``` @@ -39,7 +39,7 @@ But value of parameter `logpath` in `section2` will be changed to `/my-path/to/l For example if you'll, that fail2ban should ban authorization failures occurred in sshd and nginx, but the `error.log` of your your nginx-instance is configured as `/var/log/my-nginx/error.log` you should set also parameter `logpath` additionally to `enabled` in section `[nginx]`. So your `jail.local` looks like: -``` +```ini [nginx] logpath = /var/log/my-nginx/error.log enabled = true @@ -50,7 +50,7 @@ enabled = true If you use another version of fail2ban as provided from maintainers of your distribution, you should check another parameters (that may be normally specified in some distribution config files), like: - several path-parameters of fail2ban service self (specified in `fail2ban.conf` or includes): -``` +```ini [Definition] logtarget = /var/log/fail2ban.log socket = /var/run/fail2ban/fail2ban.sock