Created
June 19, 2014 08:54
-
-
Save kaworu/4840badd691266fe0a93 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban jail specifications file | |
| # | |
| # Comments: use '#' for comment lines and ';' for inline comments | |
| # | |
| # Changes: in most of the cases you should not modify this | |
| # file, but provide customizations in jail.local file, e.g.: | |
| # | |
| # [DEFAULT] | |
| # bantime = 3600 | |
| # | |
| # [ssh-iptables] | |
| # enabled = true | |
| # | |
| # The DEFAULT allows a global definition of the options. They can be overridden | |
| # in each jail afterwards. | |
| [DEFAULT] | |
| # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not | |
| # ban a host which matches an address in this list. Several addresses can be | |
| # defined using space separator. | |
| ignoreip = 127.0.0.1/8 | |
| # "bantime" is the number of seconds that a host is banned. | |
| bantime = 1200 | |
| # A host is banned if it has generated "maxretry" during the last "findtime" | |
| # seconds. | |
| findtime = 600 | |
| # "maxretry" is the number of failures before a host get banned. | |
| maxretry = 3 | |
| # "backend" specifies the backend used to get files modification. | |
| # Available options are "pyinotify", "gamin", "polling" and "auto". | |
| # This option can be overridden in each jail as well. | |
| # | |
| # pyinotify: requires pyinotify (a file alteration monitor) to be installed. | |
| # If pyinotify is not installed, Fail2ban will use auto. | |
| # gamin: requires Gamin (a file alteration monitor) to be installed. | |
| # If Gamin is not installed, Fail2ban will use auto. | |
| # polling: uses a polling algorithm which does not require external libraries. | |
| # auto: will try to use the following backends, in order: | |
| # pyinotify, gamin, polling. | |
| backend = auto | |
| # "usedns" specifies if jails should trust hostnames in logs, | |
| # warn when DNS lookups are performed, or ignore all hostnames in logs | |
| # | |
| # yes: if a hostname is encountered, a DNS lookup will be performed. | |
| # warn: if a hostname is encountered, a DNS lookup will be performed, | |
| # but it will be logged as a warning. | |
| # no: if a hostname is encountered, will not be used for banning, | |
| # but it will be logged as info. | |
| usedns = warn | |
| [ssh] | |
| enabled = true | |
| filter = bsd-sshd | |
| action = sendmail-whois[name=sshd] | |
| pf[tablename=fail2ban_ssh] | |
| logpath = /var/log/auth.log | |
| bantime = 86400 | |
| [postfix] | |
| enabled = false | |
| filter = postfix | |
| action = sendmail-whois[name=postfix] | |
| pf[tablename=fail2ban_mail] | |
| logpath = /var/log/maillog | |
| [dovecot] | |
| enabled = true | |
| filter = dovecot | |
| action = sendmail-whois[name=dovecot] | |
| pf[tablename=fail2ban_mail] | |
| logpath = /var/log/maillog | |
| maxretry = 6 | |
| [roundcube] | |
| enabled = true | |
| filter = roundcube | |
| action = sendmail-whois[name=roundcube] | |
| pf[tablename=fail2ban_mail, actname=mailban] | |
| pf[tablename=fail2ban_www, actname=wwwban] | |
| logpath = /var/log/maillog | |
| maxretry = 4 | |
| [postfixadmin] | |
| enabled = true | |
| filter = postfixadmin | |
| action = sendmail-whois[name=postfixadmin] | |
| pf[tablename=fail2ban_mail, actname=mailban] | |
| pf[tablename=fail2ban_www, actname=wwwban] | |
| logpath = /var/log/nginx/postfixadmin-access.log | |
| bantime = 2400 | |
| [owncloud] | |
| enabled = true | |
| filter = owncloud | |
| action = sendmail-whois[name=owncloud] | |
| pf[tablename=fail2ban_www] | |
| logpath = /var/log/nginx/owncloud-access.log |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment