133 lines
3.0 KiB
Plaintext
133 lines
3.0 KiB
Plaintext
[DEFAULT]
|
|
|
|
#
|
|
# ACTIONS
|
|
#
|
|
|
|
# Some options used for actions
|
|
|
|
# Sender email address used solely for some actions
|
|
sender = fail2ban@<fq-hostname>
|
|
|
|
|
|
# Default banning action (e.g. iptables, iptables-new,
|
|
# iptables-multiport, shorewall, etc) It is used to define
|
|
# action_* variables. Can be overridden globally or per
|
|
# section within jail.local file
|
|
banaction = iptables-multiport
|
|
|
|
|
|
# ban & send an information e-mail to the destemail. No e-mail if unban.
|
|
#
|
|
# Note:
|
|
# sendmail-ban must be configured. See action.d/sendmail-ban.local
|
|
#
|
|
action_mb = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
%(mta)s-ban[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
|
|
# ban & send an information e-mail to the destemail. Also send an
|
|
# information e-mail if ip was unbanned.
|
|
#
|
|
# Note:
|
|
# sendmail-ban-unban must be configured. See action.d/sendmail-ban-unban.local
|
|
#
|
|
action_mbu = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
%(mta)s-ban-unban[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
|
|
|
|
# Choose default action
|
|
#
|
|
#action = %(action_mb)s
|
|
#action = %(action_mbu)s
|
|
action = %(action_)s
|
|
|
|
|
|
#
|
|
# JAIL
|
|
#
|
|
|
|
[sshd]
|
|
|
|
enabled = true
|
|
port = ssh
|
|
filter = sshd
|
|
logpath = /var/log/auth.log
|
|
findtime = 600
|
|
maxretry = 6
|
|
bantime = 86400
|
|
|
|
|
|
[postfix-rbl]
|
|
|
|
enabled = true
|
|
|
|
|
|
[postfix-sasl]
|
|
|
|
enabled = true
|
|
# - Take care to allowh 'whois' requests from this mashine. Maybe
|
|
# - you have configure your firewall
|
|
action = %(action_mwl)s
|
|
filter = postfix[mode=auth]
|
|
port = smtp,465,submission,imap2,imaps,pop3,pop3s
|
|
findtime = 360
|
|
maxretry = 30
|
|
bantime = 3600
|
|
|
|
|
|
[postfix-sasl-dos]
|
|
|
|
enabled = true
|
|
# - Take care to allowh 'whois' requests from this mashine. Maybe
|
|
# - you have configure your firewall
|
|
action = %(action_mwl)s
|
|
port = smtp,465,submission
|
|
filter = postfix[mode=sasl-dos]
|
|
#logpath = /var/log/mail.log
|
|
logpath = %(postfix_log)s
|
|
backend = %(postfix_backend)s
|
|
findtime = 60
|
|
maxretry = 20
|
|
bantime = 10800
|
|
|
|
|
|
[dovecot]
|
|
|
|
enabled = true
|
|
# - Take care to allowh 'whois' requests from this mashine. Maybe
|
|
# - you have configure your firewall
|
|
action = %(action_mwl)s
|
|
#action = %(action_mbu)s
|
|
port = pop3,pop3s,imap2,imaps,submission,465
|
|
filter = dovecot[mode=sql]
|
|
#mode = sql
|
|
logpath = /var/log/dovecot/dovecot.log
|
|
maxretry = 20
|
|
#maxretry = 4
|
|
findtime = 1200
|
|
bantime = 1800
|
|
|
|
|
|
[wp-login]
|
|
enabled = true
|
|
action = %(action_mbu)s
|
|
filter = wp-login
|
|
port = http,https
|
|
logpath = /var/log/apache2/ipv4_requests.log
|
|
/var/log/apache2/ip_requests.log
|
|
maxretry = 10
|
|
findtime = 600
|
|
bantime = 10800
|
|
|
|
|
|
[wp-xmlrpc]
|
|
enabled = true
|
|
action = %(action_mbu)s
|
|
filter = wp-xmlrpc
|
|
port = http,https
|
|
logpath = /var/log/apache2/ipv4_requests.log
|
|
/var/log/apache2/ip_requests.log
|
|
maxretry = 5
|
|
findtime = 600
|
|
bantime = 10800
|
|
|