vn-ansible/roles/config-fail2ban/templates/jail2.j2

86 lines
2.4 KiB
Plaintext
Raw Normal View History

2023-10-27 08:52:33 +00:00
#+++++++++++++++++++++++++++++++++++++
# PLS , DONT EDIT THIS FILE , THIS FILE IS DEPLOYER WITH ANSIBLE TEMPLATES , IF U WANT SOME CHANGES OR ADD NEW POLICIES
# EDIT THE FILE config-fail2ban.yaml IN GITEA REPO vn-ansible > linux > base-config-debian , AND ADD MORE VARS
#+++++++++++++++++++++++++++++++++++++
2023-10-27 08:01:03 +00:00
# Custom fail2ban conf
#+++++++++++++++++++++++++++++++++++++
# 31536000 ; year
# 18144000 ; 30days
# 604800 ; 1 week
# 86400 ; 1 day
# 3600 ; 1 hour
#+++++++++++++++++++++++++++++++++++++
[INCLUDES]
#
# INCLUDES
#
before = paths-debian.conf
#+++++++++++++++++++++++++++++++++++++
# The DEFAULT allows a global definition of the options. They can be overridden
# in each jail afterwards.
[DEFAULT]
#
# OPTIONS CONF DEFAULT
#
# ignorecommand =
bantime = {{ bantime }}
findtime = {{ findtime }}
maxretry = {{ maxretry }}
maxmatches = %(maxretry)s
backend = auto
usedns = warn
logencoding = auto
enabled = false
mode = normal
filter = %(__name__)s[mode=%(mode)s]
destemail = sysadmin@verdnatura.es
sender = root@<fq-hostname>
mta = mail
protocol = tcp
chain = <known/chain>
port = 0:65535
fail2ban_agent = Fail2Ban/%(fail2ban_version)s
banaction = nftables-multiport
banaction_allports = nftables-allports
action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mw = %(action_)s
%(mta)s-whois[sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mwl = %(action_)s
%(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
action_xarf = %(action_)s
xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"]
action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"]
%(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
action_blocklist_de = blocklist_de[email="%(sender)s", service="%(__name__)s", apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"]
action_abuseipdb = abuseipdb
action = %(action_mwl)s
#+++++++++++++++++++++++++++++++++++++
#
# JAILS
#
{% for jail in jails %}
#+++++++++++++++++++++++++++++++++++++
[{{ jail.name }}]
enabled = {{ jail.enabled }}
2023-10-27 08:24:20 +00:00
port = {{ jail.port | join(' ') }}
2023-10-27 08:01:03 +00:00
filter = {{ jail.filter }}
logpath = {{ jail.logpath }}
2023-10-27 08:24:20 +00:00
backend = {{ jail.backend }}
2023-10-27 08:01:03 +00:00
{% endfor %}
#+++++++++++++++++++++++++++++++++++++