63 lines
1.5 KiB
Plaintext
63 lines
1.5 KiB
Plaintext
[DEFAULT]
|
|
|
|
#
|
|
# ACTIONS
|
|
#
|
|
|
|
# Default banning action (e.g. iptables, iptables-new,
|
|
# iptables-multiport, shorewall, etc) It is used to define
|
|
# action_* variables. Can be overridden globally or per
|
|
# section within jail.local file
|
|
##banaction = iptables-multiport
|
|
banaction = ip64tables-multiport
|
|
|
|
## - Note:
|
|
## - sendmail-only-ban must be configured. See action.d/sendmail-only-ban.local
|
|
## -
|
|
action_m = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
%(mta)s-only-ban_unban[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
|
|
## - Choose default action
|
|
## -
|
|
action = %(action_m)s
|
|
#action = %(action_)s
|
|
|
|
|
|
[sshd]
|
|
|
|
enabled = true
|
|
port = ssh
|
|
filter = sshd
|
|
logpath = /var/log/auth.log
|
|
findtime = 600
|
|
maxretry = 6
|
|
bantime = 86400
|
|
|
|
|
|
[postfix-sasl]
|
|
|
|
enabled = true
|
|
port = smtp,465,submission
|
|
#port = smtp,465,submission,143,imaps,pop3,pop3s
|
|
filter = postfix-sasl
|
|
# You might consider monitoring /var/log/mail.warn instead if you are
|
|
# running postfix since it would provide the same log lines at the
|
|
# "warn" level but overall at the smaller filesize.
|
|
logpath = /var/log/mail.warn
|
|
findtime = 60
|
|
maxretry = 10
|
|
bantime = 3600
|
|
|
|
|
|
[dovecot-pop3imap]
|
|
|
|
enabled = true
|
|
filter = dovecot-pop3imap
|
|
port = pop3,pop3s,143,imaps
|
|
protocol = tcp
|
|
#action = ip64tables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,143,imaps", protocol=tcp]
|
|
logpath = /var/log/dovecot/dovecot.log
|
|
maxretry = 20
|
|
findtime = 1200
|
|
bantime = 1200
|