include the fail2ban jail.local file complete, move files in folders
This commit is contained in:
parent
e8840d57dc
commit
22a2ef2de6
4 changed files with 975 additions and 66 deletions
37
README.md
37
README.md
|
|
@ -100,43 +100,24 @@ edit the config file
|
|||
```vim /etc/fail2ban/jail.local```
|
||||
|
||||
```bash
|
||||
[INCLUDES]
|
||||
|
||||
before = paths-debian.conf
|
||||
|
||||
[DEFAULT]
|
||||
|
||||
...
|
||||
bantime.increment = true
|
||||
...
|
||||
bantime.multipliers = 1 2 4 8 16 32 64
|
||||
ignorecommand =
|
||||
bantime = 240m
|
||||
...
|
||||
bantime = 300m
|
||||
...
|
||||
findtime = 10m
|
||||
maxretry = 5
|
||||
maxmatches = %(maxretry)s
|
||||
backend = auto
|
||||
usedns = warn
|
||||
logencoding = auto
|
||||
enabled = false
|
||||
mode = normal
|
||||
filter = %(__name__)s[mode=%(mode)s]
|
||||
destemail = root@localhost
|
||||
sender = root@<fq-hostname>
|
||||
mta = sendmail
|
||||
protocol = tcp
|
||||
chain = <known/chain>
|
||||
port = 0:65535
|
||||
fail2ban_agent = Fail2Ban/%(fail2ban_version)s
|
||||
banaction = iptables-multiport
|
||||
banaction_allports = iptables-allports
|
||||
action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
|
||||
action = %(action_)s
|
||||
...
|
||||
maxretry = 3
|
||||
|
||||
[sshd]
|
||||
...
|
||||
enabled = true
|
||||
mode = extra
|
||||
port = 29
|
||||
logpath = %(sshd_log)s
|
||||
backend = %(sshd_backend)s
|
||||
...
|
||||
```
|
||||
restart fail2ban
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue