Skip to content

Instantly share code, notes, and snippets.

@sebres

sebres/actions.md

Last active August 16, 2023 11:21
Show Gist options
  • Save sebres/04672a91927eae72666507a03a88e5b1 to your computer and use it in GitHub Desktop.
Save sebres/04672a91927eae72666507a03a88e5b1 to your computer and use it in GitHub Desktop.
Download ZIP
fail2ban - simple actions supplying iptables / ipset to remote host
Raw
actions.md

action.d/ssh-iptables.conf:

## Usage:
##   banaction = ssh-iptables[[email protected], type=multiport]
##   banaction_allports = ssh-iptables[[email protected], type=allports]

[INCLUDES]

before = iptables.conf

[Init]

ssh = ssh <remote-host>
remote-host = user@host

iptables = <ssh> iptables <lockingopt>

[Init?family=inet6]

iptables = <ssh> ip6tables <lockingopt>

action.d/ssh-iptables-ipset.conf:

## Usage:
##   banaction = ssh-iptables-ipset[[email protected], type=multiport]
##   banaction_allports = ssh-iptables-ipset[[email protected], type=allports]

[INCLUDES]

before = iptables-ipset.conf

[Definition]

_ips_mockup = ipset() { <ssh> ipset $@; };
_cmd_mockup = %(_ips_mockup)s iptables() { <ssh> iptables $@; }; ip6tables() { <ssh> ip6tables $@; };

actionstart = %(_cmd_mockup)s %(known/actionstart)s
actionflush = %(_ips_mockup)s %(known/actionflush)s
actionstop  = %(_cmd_mockup)s %(known/actionstop)s
actioncheck = %(_cmd_mockup)s %(known/actioncheck)s
actionban   = %(_ips_mockup)s %(known/actionban)s
actionunban = %(_ips_mockup)s %(known/actionunban)s

[Init]

ssh = ssh <remote-host>
remote-host = user@host
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment