Mercurial > repos > other > Puppet

annotate common/fail2ban/jail.local @ 6:b7c30595c97a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add "Shellshock" exploit Fail2ban rule
author IBBoard <dev@ibboard.co.uk>
date Sun, 28 Sep 2014 08:03:46 +0000
parents 956e484adc12
children 1bb941522ebf
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 [ssh-iptables]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 enabled = false
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
4 [ssh-apf]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
5 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
6 filter = sshd
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
7 action = apf[name=SSH]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
8 logpath = /var/log/secure
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
9 maxretry = 5
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
10 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
11
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
12 [apache-badbots]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
13 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
14 filter = apache-badbots
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
15 action = apf[name=ApacheBadBots]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
16 logpath = /var/log/apache/access_*.log
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
17 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
18 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
19
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
20 [apache-instaban]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
21 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
22 maxretry = 1
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
23 filter = ibb-apache-exploits-instaban
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
24 action = apf[name=ApacheInstaban]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
25 logpath = /var/log/apache/access_*.log
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
26 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
27 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
28
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
29 [apache-auth]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
30 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
31 maxretry = 5
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
32 filter = apache-auth
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
33 action = apf[name=ApacheAuth]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
34 logpath = /var/log/apache/error_*.log
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
35 findtime = 86400
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
36 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
37
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
38 [repeat-offenders]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
39 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
40 maxretry = 2
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
41 filter = ibb-repeat-offender
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
42 action = apf[name=RepeatOffenders]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
43 logpath = /var/log/fail2ban.log
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
44 findtime = 2592000
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
45 bantime = 2592000
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
46
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
47 [spam-email]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
48 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
49 maxretry = 1
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
50 filter = ibb-postfix-spammers
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
51 action = apf[name=SpamEmail]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
52 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
53 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
54 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
55
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
56 [mail-abuse]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
57 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
58 maxretry = 1
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
59 filter = ibb-postfix-malicious
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
60 action = apf[name=MailAbuse]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
61 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
62 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
63 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
64
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
65 [mail-rejected]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
66 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
67 maxretry = 10
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
68 filter = ibb-postfix
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
69 action = apf[name=MailRejected]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
70 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
71 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
72 bantime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
73
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
74 [sasl]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
75 enabled = true
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
76 maxretry = 10
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
77 filter = postfix-sasl
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
78 action = apf[name=SASLFailures]
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
79 logpath = /var/log/maillog
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
80 findtime = 604800
956e484adc12 Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
81 bantime = 604800
6
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
82
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
83 [shellshock]
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
84 enabled = true
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
85 maxretry = 1
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
86 filter = ibb-apache-shellshock
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
87 action = apf[name=Shellshock]
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
88 logpath = /var/log/apache/access_*.log
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
89 findtime = 604800
b7c30595c97a Add "Shellshock" exploit Fail2ban rule
IBBoard <dev@ibboard.co.uk>
parents: 0
diff changeset
90 bantime = 604800