# Custom fail2ban conf #+++++++++++++++++++++++++++++++++++++ # 31536000 ; year # 18144000 ; 30days # 604800 ; 1 week # 86400 ; 1 day # 3600 ; 1 hour #+++++++++++++++++++++++++++++++++++++ [INCLUDES] # # INCLUDES # before = paths-debian.conf #+++++++++++++++++++++++++++++++++++++ # The DEFAULT allows a global definition of the options. They can be overridden # in each jail afterwards. [DEFAULT] # # OPTIONS CONF DEFAULT # # ignorecommand = bantime = {{ bantime }} findtime = {{ findtime }} maxretry = {{ maxretry }} maxmatches = %(maxretry)s backend = auto usedns = warn logencoding = auto enabled = false mode = normal filter = %(__name__)s[mode=%(mode)s] destemail = sysadmin@verdnatura.es sender = root@ mta = mail protocol = tcp chain = port = 0:65535 fail2ban_agent = Fail2Ban/%(fail2ban_version)s banaction = nftables-multiport banaction_allports = nftables-allports action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] action_mw = %(action_)s %(mta)s-whois[sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"] action_mwl = %(action_)s %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_xarf = %(action_)s xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"] action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"] action_blocklist_de = blocklist_de[email="%(sender)s", service="%(__name__)s", apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"] action_abuseipdb = abuseipdb action = %(action_mwl)s #+++++++++++++++++++++++++++++++++++++ # # JAILS # {% for jail in jails %} #+++++++++++++++++++++++++++++++++++++ [{{ jail.name }}] enabled = {{ jail.enabled }} filter = {{ jail.filter }} logpath = {{ jail.logpath }} port = {{ jail.port | join(' ') }} {% endfor %} #+++++++++++++++++++++++++++++++++++++