← Back to branch summary

~ubuntu-branches/ubuntu/vivid/fail2ban/vivid

« back to all changes in this revision

Viewing changes to config/action.d/iptables-multiport-log.conf

  • Committer: Package Import Robot
  • Author(s): Yaroslav Halchenko
  • Date: 2013-05-13 11:58:56 UTC
  • mfrom: (1.2.6) (11.1.5 experimental)
  • Revision ID: package-import@ubuntu.com-20130513115856-r1wwsd58ajx2ub5o
Tags: 0.8.9-1
http://bugs.debian.org/400416
http://bugs.debian.org/699442
http://bugs.debian.org/686341
http://bugs.debian.org/704568
http://bugs.debian.org/691001
* New upstream release
  - significant improvements in documentation (Closes: #400416)
  - roundcube auth filter (Closes: #699442)
  - enforces C locale for dates (Closes: #686341)
  - provides bash_completion.d/fail2ban
* debian/jail.conf:
  - added findtime and documentation on those basic options from jail.conf
    (Closes: #704568)
  - added new sample jails definitions for ssh-route, ssh-iptables-ipset{4,6},
    roundcube-auth, sogo-auth, mysqld-auth
* debian/control:
  - suggest system-log-daemon (Closes: #691001)
  - boost policy compliance to 3.9.4
* debian/rules:
  - run fail2ban's unittests at build time but ignore the failures
    (there are still some known issues to fix up to guarantee robust testing
    in clean chroots etc).
    Only pyinotify was added to build-depends since gamin might still be
    buggy on older releases and get stuck, which would complicate
    backporting

Show diffs side-by-side

added added

removed removed

Lines of Context:
config/action.d/iptables-multiport-log.conf
7
7
# make "fail2ban-<name>-log" chain to log and drop
8
8
# insert a jump to fail2ban-<name> from -I <chain> if proto/port match
9
9
#
10
 
# $Revision$
11
10
#
12
11
 
 
12
[INCLUDES]
 
13
 
 
14
before = iptables-blocktype.conf
 
15
 
13
16
[Definition]
14
17
 
15
18
# Option:  actionstart
21
24
              iptables -I <chain> 1 -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
22
25
              iptables -N fail2ban-<name>-log
23
26
              iptables -I fail2ban-<name>-log -j LOG --log-prefix "$(expr fail2ban-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2
24
 
              iptables -A fail2ban-<name>-log -j DROP
 
27
              iptables -A fail2ban-<name>-log -j <blocktype>
25
28
 
26
29
# Option:  actionstop
27
30
# Notes.:  command executed once at the end of Fail2Ban
42
45
# Option:  actionban
43
46
# Notes.:  command executed when banning an IP. Take care that the
44
47
#          command is executed with Fail2Ban user rights.
45
 
# Tags:    <ip>  IP address
46
 
#          <failures>  number of failures
47
 
#          <time>  unix timestamp of the ban time
 
48
# Tags:    See jail.conf(5) man page
48
49
# Values:  CMD
49
50
#
50
51
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
52
53
# Option:  actionunban
53
54
# Notes.:  command executed when unbanning an IP. Take care that the
54
55
#          command is executed with Fail2Ban user rights.
55
 
# Tags:    <ip>  IP address
56
 
#          <failures>  number of failures
57
 
#          <time>  unix timestamp of the ban time
 
56
# Tags:    See jail.conf(5) man page
58
57
# Values:  CMD
59
58
#
60
59
actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
61
60
 
62
61
[Init]
63
62
 
64
 
# Defaut name of the chain
 
63
# Default name of the chain
65
64
#
66
65
name = default
67
66