other/Puppet: common/fail2ban/jail.local annotate

annotate common/fail2ban/jail.local @ 35:1bb941522ebf puppet-3.6

Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables)

author	IBBoard <dev@ibboard.co.uk>
date	Sat, 14 Mar 2015 20:01:17 +0000
parents	b7c30595c97a
children	ce8eaaca6a34

rev	line source
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	1 # Disable ssh-iptables because some versions auto-enable it
1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	2 # and we want to use our own version (which may use non-iptables)
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	3 [ssh-iptables]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	4 enabled = false
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	5
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	6 [ssh-firewall-ban]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	7 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	8 filter = sshd
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	9 action = firewall-ban[name=SSH]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	10 logpath = /var/log/secure
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	11 maxretry = 5
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	12 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	13
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	14 [apache-badbots]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	15 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	16 filter = apache-badbots
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	17 action = firewall-ban[name=ApacheBadBots]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	18 logpath = /var/log/apache/access_*.log
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	19 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	20 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	21
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	22 [apache-instaban]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	23 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	24 maxretry = 1
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	25 filter = ibb-apache-exploits-instaban
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	26 action = firewall-ban[name=ApacheInstaban]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	27 logpath = /var/log/apache/access_*.log
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	28 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	29 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	30
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	31 [apache-auth]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	32 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	33 maxretry = 5
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	34 filter = apache-auth
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	35 action = firewall-ban[name=ApacheAuth]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	36 logpath = /var/log/apache/error_*.log
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	37 findtime = 86400
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	38 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	39
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	40 [repeat-offenders]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	41 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	42 maxretry = 2
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	43 filter = ibb-repeat-offender
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	44 action = firewall-ban[name=RepeatOffenders]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	45 logpath = /var/log/fail2ban.log
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	46 findtime = 2592000
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	47 bantime = 2592000
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	48
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	49 [spam-email]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	50 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	51 maxretry = 1
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	52 filter = ibb-postfix-spammers
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	53 action = firewall-ban[name=SpamEmail]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	54 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	55 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	56 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	57
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	58 [mail-abuse]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	59 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	60 maxretry = 1
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	61 filter = ibb-postfix-malicious
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	62 action = firewall-ban[name=MailAbuse]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	63 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	64 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	65 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	66
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	67 [mail-rejected]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	68 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	69 maxretry = 10
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	70 filter = ibb-postfix
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	71 action = firewall-ban[name=MailRejected]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	72 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	73 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	74 bantime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	75
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	76 [sasl]
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	77 enabled = true
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	78 maxretry = 10
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	79 filter = postfix-sasl
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	80 action = firewall-ban[name=SASLFailures]
0 956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	81 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	82 findtime = 604800
956e484adc12 Initial public release of Puppet configs IBBoard <dev@ibboard.co.uk> parents: diff changeset	83 bantime = 604800
6 b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	84
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	85 [shellshock]
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	86 enabled = true
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	87 maxretry = 1
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	88 filter = ibb-apache-shellshock
35 1bb941522ebf Handle differences in firewalling between ASO (using APF) and most other hosts (using iptables) IBBoard <dev@ibboard.co.uk> parents: 6 diff changeset	89 action = firewall-ban[name=Shellshock]
6 b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	90 logpath = /var/log/apache/access_*.log
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	91 findtime = 604800
b7c30595c97a Add "Shellshock" exploit Fail2ban rule IBBoard <dev@ibboard.co.uk> parents: 0 diff changeset	92 bantime = 604800

Mercurial > repos > other > Puppet

annotate common/fail2ban/jail.local @ 35:1bb941522ebf puppet-3.6