Mercurial > repos > other > Puppet
view modules/fail2ban/files/jail.local @ 360:58cf3e347102
Remove local DNS64 generation to get redundancy back
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Mon, 05 Oct 2020 20:05:38 +0100 |
parents | 3a1b19f6a054 |
children |
line wrap: on
line source
# Disable ssh-iptables because some versions auto-enable it # and we want to use our own version (which may use non-iptables) [ssh-iptables] enabled = false [ssh-firewall-ban] enabled = true filter = sshd action = firewall-ban[name=SSH,chain=Fail2Ban,port=222] logpath = /var/log/secure maxretry = 3 bantime = 604800 [ssh-user-instaban] enabled = true filter = ibb-sshd-bad-user action = firewall-ban[name=SSH-Instaban,chain=Fail2Ban,port=222] logpath = /var/log/secure maxretry = 1 bantime = 604800 [ssh-key-ban] enabled = true filter = ibb-sshd action = firewall-ban[name=SSH-Key,chain=Fail2Ban,port=222] logpath = /var/log/secure maxretry = 3 findtime = 604800 bantime = 604800 # Disable badbots - we've not seen it used in a month [apache-badbots] enabled = false filter = apache-badbots action = firewall-ban[name=ApacheBadBots,chain=Fail2Ban,port="80,443"] logpath = /var/log/apache/access_*.log findtime = 604800 bantime = 604800 [apache-instaban] enabled = true maxretry = 1 filter = ibb-apache-exploits-instaban action = ibb-apache-ip-block logpath = /var/log/apache/access_*.log findtime = 86400 bantime = 86400 # Disable auth - we've not seen it used in a month [apache-auth] enabled = false maxretry = 5 filter = apache-auth action = firewall-ban[name=ApacheAuth,chain=Fail2Ban,port="80,443"] logpath = /var/log/apache/error_*.log findtime = 86400 bantime = 604800 # Repeat offenders only operates on Apache because we're not # seeing much on anything else anymore (or we can't filter # because of IPv6-to-v4 proxying) [repeat-offenders] enabled = true maxretry = 2 filter = ibb-repeat-offender action = ibb-apache-ip-block[chain=repeat] logpath = /var/log/fail2ban.log findtime = 2592000 bantime = 2592000 [repeat-offenders-ssh] enabled = true maxretry = 2 filter = ibb-repeat-offender-ssh action = firewall-ban[name=RepeatOffendersSSH,chain=Fail2Ban,port="222"] logpath = /var/log/fail2ban.log findtime = 2592000 bantime = 2592000 [spam-email] enabled = true maxretry = 1 filter = ibb-postfix-spammers action = firewall-ban[name=SpamEmail,chain=Fail2Ban,port="465,25"] logpath = /var/log/maillog findtime = 604800 bantime = 604800 [mail-abuse] enabled = true maxretry = 1 filter = ibb-postfix-malicious action = firewall-ban[name=MailAbuse,chain=Fail2Ban,port="465,25"] logpath = /var/log/maillog findtime = 604800 bantime = 604800 [mail-rejected] enabled = false maxretry = 10 filter = ibb-postfix action = firewall-ban[name=MailRejected,chain=Fail2Ban,port="465,25"] logpath = /var/log/maillog findtime = 604800 bantime = 604800 [sasl] enabled = true maxretry = 10 filter = postfix[mode=auth] action = firewall-ban[name=SASLFailures,chain=Fail2Ban,port="465,25"] logpath = /var/log/maillog findtime = 604800 bantime = 604800 [shellshock] enabled = true maxretry = 1 filter = ibb-apache-shellshock action = firewall-ban[name=Shellshock,chain=Fail2Ban,port="80,443"] logpath = /var/log/apache/access_*.log findtime = 604800 bantime = 604800