etc-config/fail2ban/jail.local


# Defaults inherited by every jail below unless the jail sets the key itself.
[DEFAULT]
# Addresses that are never banned: loopback plus the whole 192.168.1.0/24 LAN.
# NOTE(review): every host in that /24 can fail without limit -- confirm the
# entire subnet is meant to be trusted.
ignoreip = 127.0.0.1/8 192.168.1.0/24
# Seconds a host stays banned.
# NOTE(review): a 20 s ban barely slows password guessing, and each ban also
# sends a whois mail. Jails without their own bantime inherit this value unless
# jail.conf sets one for them -- confirm this is intended.
bantime = 20
# Window in seconds within which maxretry failures must occur to cause a ban.
# NOTE(review): failures spaced more than 20 s apart never add up to maxretry.
findtime = 20
# Failures tolerated inside findtime before the ban action runs.
maxretry = 3
backend = auto
# NOTE(review): the jails below write out their own action lines, so
# destemail/banaction/mta/protocol presumably matter only where an action is
# built from these defaults -- verify against jail.conf.
destemail = backbone@backbone.ws
banaction = iptables-multiport
mta = sendmail
protocol = tcp
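# SSH jail: reads /var/log/messages; a ban blocks the ssh port with iptables
# and mails a whois report to dest.
# No "filter" is set here; presumably it comes from the same-named section in
# jail.conf -- verify.
# The second action must stay indented. At column 0 it is parsed as a separate
# key, and the mail action is dropped without any error.
[ssh-iptables]
enabled = true
action = iptables[name=SSH, port=ssh, protocol=tcp]
         sendmail-whois[name=SSH, dest=backbone@backbone.ws]
logpath = /var/log/messages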
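# Second SSH jail on the same log, with its own chain name (SSHDDOS).
# No "filter" is set here; presumably inherited from jail.conf -- verify.
[ssh-ddos]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables[name=SSHDDOS, port=ssh, protocol=tcp]
         sendmail-whois[name=SSH-DDOS, dest=backbone@backbone.ws]
logpath = /var/log/messages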
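# FTP jail: a ban blocks the ftp port and mails a whois report.
[pure-ftpd]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables[name=pureftpd, port=ftp, protocol=tcp]
         sendmail-whois[name=Pure-FTPd, dest=backbone@backbone.ws]
# The dedicated pure-ftpd log is disabled; the jail reads the syslog file.
# NOTE(review): confirm pure-ftpd really logs to /var/log/messages on this
# host, otherwise the jail never sees a failure.
# logpath = /var/log/pureftpd.log
logpath = /var/log/messages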
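# Mail jail on /var/log/mail.log: a ban blocks submission, 465 and smtp.
[sendmail-auth]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp]
         sendmail-whois[name=Sendmail-Auth, dest=backbone@backbone.ws]
logpath = /var/log/mail.log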
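# Mail jail on /var/log/mail.log: a ban blocks submission, 465 and smtp.
[sendmail-reject]
enabled = true
# The iptables actions build their chain name from "name", so it must be unique
# per jail. This jail previously used name=sendmail-auth, the same as
# [sendmail-auth]. Two jails on one chain collide at start, and stopping either
# one removes the other's bans.
action = iptables-multiport[name=sendmail-reject, port="submission,465,smtp", protocol=tcp]
         sendmail-whois[name=Sendmail-Reject, dest=backbone@backbone.ws]
logpath = /var/log/mail.log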
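# nginx jail on the error log: a ban blocks ports 80 and 443.
[nginx-http-auth]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-http-auth,port="80,443"]
         sendmail-whois[name=Nginx-Http-Auth, dest=backbone@backbone.ws]
logpath = /var/log/nginx/error_log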
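# Squid jail on the proxy access log.
[squid]
enabled = true
# NOTE(review): the ban covers 80, 443 and 8080 only -- confirm this includes
# the port squid actually listens on, or a banned client keeps its proxy access.
action = iptables-multiport[name=squid,port="80,443,8080"]
         sendmail-whois[name=Squid, dest=backbone@backbone.ws]
logpath = /var/log/squid/access.log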
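# Postfix jail that bans by appending to a hosts.deny file, not via iptables.
[postfix-tcpwrapper]
enabled = true
# NOTE(review): /not/a/standard/path/hosts.deny looks like an example
# placeholder. Entries written there block nothing unless TCP wrappers are
# configured to read that exact file. Point "file" at the deny file in use
# (the hostsdeny action defaults to /etc/hosts.deny) or disable this jail.
action = hostsdeny[file=/not/a/standard/path/hosts.deny]
         sendmail-whois[name=Postfix-TCPWrapper, dest=backbone@backbone.ws]
logpath = /var/log/mail.log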
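# Web jail on the lighttpd access log: a ban blocks http and https.
[php-url-fopen]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=php-url-open, port="http,https"]
         sendmail-whois[name=PHP-URL-Fopen, dest=backbone@backbone.ws]
logpath = /var/log/lighttpd/access.log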
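# Web jail on the lighttpd error log: a ban blocks http and https.
[lighttpd-auth]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=lighttpd-auth, port="http,https"]
         sendmail-whois[name=Lighttpd-Auth, dest=backbone@backbone.ws]
logpath = /var/log/lighttpd/error.log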
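# DNS jail on /var/log/messages: a ban blocks TCP ports domain and 953.
# Only TCP is blocked; this section defines no UDP ban.
[named-refused-tcp]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=Named, port="domain,953", protocol=tcp]
         sendmail-whois[name=Named, dest=backbone@backbone.ws]
logpath = /var/log/messages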
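# NSD jail on /var/log/messages: a ban blocks the domain port on TCP and UDP
# through two separately named chains, then mails a whois report.
[nsd]
enabled = true
# All three actions belong to one multi-line value, so the second and third
# lines must stay indented. At column 0 each is parsed as its own key and
# ignored.
action = iptables-multiport[name=nsd-tcp, port="domain", protocol=tcp]
         iptables-multiport[name=nsd-udp, port="domain", protocol=udp]
         sendmail-whois[name=Nsd, dest=backbone@backbone.ws]
logpath = /var/log/messages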
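# XMPP jail on the ejabberd log: a ban blocks the xmpp-client port.
[ejabberd-auth]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables[name=ejabberd, port=xmpp-client, protocol=tcp]
         sendmail-whois[name=Ejabberd-Auth, dest=backbone@backbone.ws]
logpath = /var/log/jabber/ejabberd.log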
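# Repeat-offender jail: a ban blocks every port and protocol for the host.
# NOTE(review): no logpath, filter, bantime or findtime is set here, so they
# presumably come from the [recidive] section of jail.conf -- verify. If they
# do not, this jail inherits the 20 s bantime/findtime from [DEFAULT], which is
# far too short for a jail meant to catch hosts banned repeatedly over days.
[recidive]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-allports[name=recidive,protocol=all]
         sendmail-whois[name=Recidive, dest=backbone@backbone.ws]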
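# Exim jail on the main exim log: a ban blocks ports 25, 465 and 587.
[exim]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=exim,port="25,465,587"]
         sendmail-whois[name=Exim, dest=backbone@backbone.ws]
logpath = /var/log/exim/exim_main.log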
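# Second Exim jail on the same log and ports, with its own chain name.
[exim-spam]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=exim-spam,port="25,465,587"]
         sendmail-whois[name=Exim-Spam, dest=backbone@backbone.ws]
logpath = /var/log/exim/exim_main.log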
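# Perdition jail on /var/log/mail.log: a ban blocks 110, 143, 993 and 995.
[perdition]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=perdition,port="110,143,993,995"]
         sendmail-whois[name=Perdition, dest=backbone@backbone.ws]
logpath = /var/log/mail.log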
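# Dovecot jail on /var/log/mail.log: a ban blocks the POP3/IMAP, submission,
# 465 and sieve ports.
[dovecot]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp]
         sendmail-whois[name=Dovecot, dest=backbone@backbone.ws]
logpath = /var/log/mail.log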
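# Dovecot jail on /var/log/dovecot.log: same port list as [dovecot], with its
# own chain name.
[dovecot-auth]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp]
         sendmail-whois[name=Dovecot-Auth, dest=backbone@backbone.ws]
logpath = /var/log/dovecot.log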
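# POP3 jail on /var/log/mail.log: a ban blocks pop3 and pop3s.
[solid-pop3d]
enabled = true
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=solid-pop3, port="pop3,pop3s", protocol=tcp]
         sendmail-whois[name=Solid-POP3d, dest=backbone@backbone.ws]
logpath = /var/log/mail.log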
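# Additional SSH jail on /var/log/messages.
# NOTE(review): as written this jail only blocks the ssh port and sends mail,
# which the other SSH jail already does. No blocklist-reporting action is
# configured -- confirm the jail is still needed.
[ssh-blocklist]
enabled = true
# The iptables action builds its chain name from "name", so it must be unique
# per jail. This jail previously used name=SSH, the same as [ssh-iptables].
# Two jails on one chain collide at start, and stopping either one removes the
# other's bans.
action = iptables[name=SSH-Blocklist, port=ssh, protocol=tcp]
         sendmail-whois[name=SSH-Blocklist, dest=backbone@backbone.ws]
logpath = /var/log/messages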
# Kolan: Additional filters/rules
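# nginx jail using the site-local "nginx-auth" filter on the localhost error
# log: a ban blocks http and https.
[nginx-auth]
enabled = true
filter = nginx-auth
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-auth, port="http,https", protocol=tcp]
         sendmail-whois[name=Nginx-Auth, dest=backbone@backbone.ws]
logpath = /var/log/nginx/localhost.error_log
# One-hour ban after 3 failures; findtime is not overridden in this section.
bantime = 3600
maxretry = 3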
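# nginx jail using the "nginx-login" filter on every access log matched by the
# glob: a ban blocks http and https.
[nginx-login]
enabled = true
filter = nginx-login
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-login, port="http,https", protocol=tcp]
         sendmail-whois[name=Nginx-Login, dest=backbone@backbone.ws]
logpath = /var/log/nginx*/*access*log
# Ten-minute ban after 6 failures; findtime is not overridden in this section.
bantime = 600
maxretry = 6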
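# nginx jail that reuses the apache-badbots filter on the nginx access logs.
# NOTE(review): confirm the nginx access-log format matches what that filter
# expects, otherwise nothing is ever matched.
[nginx-badbots]
enabled = true
filter = apache-badbots
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-badbots, port="http,https", protocol=tcp]
         sendmail-whois[name=Nginx-BadBots, dest=backbone@backbone.ws]
logpath = /var/log/nginx*/*access*log
# 24-hour ban on the first match.
bantime = 86400
maxretry = 1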
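# nginx jail using the "nginx-noscript" filter on the access logs: a ban blocks
# http and https.
[nginx-noscript]
enabled = true
filter = nginx-noscript
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-noscript, port="http,https", protocol=tcp]
         sendmail-whois[name=Nginx-Noscript, dest=backbone@backbone.ws]
logpath = /var/log/nginx*/*access*log
# 24-hour ban after 6 matches; findtime is not overridden in this section.
maxretry = 6
bantime = 86400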
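# nginx jail using the "nginx-proxy" filter on the access logs: a ban blocks
# http and https for 24 hours.
[nginx-proxy]
enabled = true
filter = nginx-proxy
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=nginx-proxy, port="http,https", protocol=tcp]
         sendmail-whois[name=Nginx-Proxy, dest=backbone@backbone.ws]
logpath = /var/log/nginx*/*access*log
# NOTE(review): maxretry = 0 is presumably meant as "ban on first match".
# Confirm how the installed fail2ban treats 0; maxretry = 1 states that intent
# unambiguously.
maxretry = 0
bantime = 86400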
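# lighttpd jail using the "lighttpd-fastcgi" filter on the error log: a ban
# blocks http and https.
[lighttpd-fastcgi]
enabled = true
# The action line below sets its own port list, so this key presumably has no
# effect here -- verify.
port = http,https
filter = lighttpd-fastcgi
# Continuation line indented so it remains part of "action".
action = iptables-multiport[name=lighttpd-fastcgi, port="http,https", protocol=tcp]
         sendmail-whois[name=Lighttpd-FastCGI, dest=backbone@backbone.ws]
logpath = /var/log/lighttpd/error.log
maxretry = 2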