
Untitled

a guest
Jul 25th, 2016
  1. [DEFAULT]
  2.  
  3. ignoreip = 127.0.0.1/8
  4.  
  5. bantime = 6000
  6.  
  7. findtime = 600
  8. maxretry = 5
  9.  
  10. backend = auto
  11.  
  12. usedns = warn
  13.  
  14. destemail = withheld
  15.  
  16. sendername = Fail2Ban
  17.  
  18.  
  19. banaction = iptables-multiport
  20.  
  21. mta = sendmail
  22.  
  23. protocol = tcp
  24.  
  25. chain = INPUT
  26.  
  27.  
  28. action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  29.  
  30. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  31. %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sendername="%(sendername)s"]
  32.  
  33. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  34. %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
  35.  
  36. action = %(action_mw1)s
  37.  
  38.  
  39.  
  40.  
  41. [ssh]
  42.  
  43. enabled = true
  44. port = ssh
  45. filter = sshd
  46. logpath = /var/log/auth.log
  47. maxretry = 6
  48.  
  49. [dropbear]
  50.  
  51. enabled = false
  52. port = ssh
  53. filter = dropbear
  54. logpath = /var/log/auth.log
  55. maxretry = 6
  56.  
  57. [pam-generic]
  58.  
  59. enabled = false
  60. filter = pam-generic
  61. port = all
  62. banaction = iptables-allports
  63. port = anyport
  64. logpath = /var/log/auth.log
  65. maxretry = 6
  66.  
  67. [xinetd-fail]
  68.  
  69. enabled = false
  70. filter = xinetd-fail
  71. port = all
  72. banaction = iptables-multiport-log
  73. logpath = /var/log/daemon.log
  74. maxretry = 2
  75.  
  76.  
  77. [ssh-ddos]
  78.  
  79. enabled = false
  80. port = ssh
  81. filter = sshd-ddos
  82. logpath = /var/log/auth.log
  83. maxretry = 6
  84.  
  85.  
  86.  
  87. [ssh-route]
  88.  
  89. enabled = false
  90. filter = sshd
  91. action = route
  92. logpath = /var/log/sshd.log
  93. maxretry = 6
  94.  
  95. [ssh-iptables-ipset4]
  96.  
  97. enabled = false
  98. port = ssh
  99. filter = sshd
  100. banaction = iptables-ipset-proto4
  101. logpath = /var/log/sshd.log
  102. maxretry = 6
  103.  
  104. [ssh-iptables-ipset6]
  105.  
  106. enabled = false
  107. port = ssh
  108. filter = sshd
  109. banaction = iptables-ipset-proto6
  110. logpath = /var/log/sshd.log
  111. maxretry = 6
  112.  
  113.  
  114.  
  115. [apache]
  116.  
  117. enabled = false
  118. port = http,https
  119. filter = apache-auth
  120. logpath = /var/log/apache*/*error.log
  121. maxretry = 6
  122.  
  123. [apache-multiport]
  124.  
  125. enabled = false
  126. port = http,https
  127. filter = apache-auth
  128. logpath = /var/log/apache*/*error.log
  129. maxretry = 6
  130.  
  131. [apache-noscript]
  132.  
  133. enabled = false
  134. port = http,https
  135. filter = apache-noscript
  136. logpath = /var/log/apache*/*error.log
  137. maxretry = 6
  138.  
  139. [apache-overflows]
  140.  
  141. enabled = false
  142. port = http,https
  143. filter = apache-overflows
  144. logpath = /var/log/apache*/*error.log
  145. maxretry = 2
  146.  
  147.  
  148. [php-url-fopen]
  149.  
  150. enabled = false
  151. port = http,https
  152. filter = php-url-fopen
  153. logpath = /var/www/*/logs/access_log
  154.  
  155.  
  156. [lighttpd-fastcgi]
  157.  
  158. enabled = false
  159. port = http,https
  160. filter = lighttpd-fastcgi
  161. logpath = /var/log/lighttpd/error.log
  162.  
  163.  
  164. [lighttpd-auth]
  165.  
  166. enabled = false
  167. port = http,https
  168. filter = suhosin
  169. logpath = /var/log/lighttpd/error.log
  170.  
  171. [nginx-http-auth]
  172.  
  173. enabled = false
  174. filter = nginx-http-auth
  175. port = http,https
  176. logpath = /var/log/nginx/error.log
  177.  
  178.  
  179. [roundcube-auth]
  180.  
  181. enabled = false
  182. filter = roundcube-auth
  183. port = http,https
  184. logpath = /var/log/roundcube/userlogins
  185.  
  186.  
  187. [sogo-auth]
  188.  
  189. enabled = false
  190. filter = sogo-auth
  191. port = http, https
  192. logpath = /var/log/sogo/sogo.log
  193.  
  194.  
  195.  
  196. [vsftpd]
  197.  
  198. enabled = false
  199. port = ftp,ftp-data,ftps,ftps-data
  200. filter = vsftpd
  201. logpath = /var/log/vsftpd.log
  202. maxretry = 6
  203.  
  204.  
  205. [proftpd]
  206.  
  207. enabled = false
  208. port = ftp,ftp-data,ftps,ftps-data
  209. filter = proftpd
  210. logpath = /var/log/proftpd/proftpd.log
  211. maxretry = 6
  212.  
  213.  
  214. [pure-ftpd]
  215.  
  216. enabled = false
  217. port = ftp,ftp-data,ftps,ftps-data
  218. filter = pure-ftpd
  219. logpath = /var/log/syslog
  220. maxretry = 6
  221.  
  222.  
  223. [wuftpd]
  224.  
  225. enabled = false
  226. port = ftp,ftp-data,ftps,ftps-data
  227. filter = wuftpd
  228. logpath = /var/log/syslog
  229. maxretry = 6
  230.  
  231.  
  232.  
  233. [postfix]
  234.  
  235. enabled = false
  236. port = smtp,ssmtp,submission
  237. filter = postfix
  238. logpath = /var/log/mail.log
  239.  
  240.  
  241. [couriersmtp]
  242.  
  243. enabled = false
  244. port = smtp,ssmtp,submission
  245. filter = couriersmtp
  246. logpath = /var/log/mail.log
  247.  
  248.  
  249.  
  250. [courierauth]
  251.  
  252. enabled = false
  253. port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
  254. filter = courierlogin
  255. logpath = /var/log/mail.log
  256.  
  257.  
  258. [sasl]
  259.  
  260. enabled = false
  261. port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
  262. filter = postfix-sasl
  263. logpath = /var/log/mail.log
  264.  
  265. [dovecot]
  266.  
  267. enabled = false
  268. port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
  269. filter = dovecot
  270. logpath = /var/log/mail.log
  271.  
  272. [mysqld-auth]
  273.  
  274. enabled = false
  275. filter = mysqld-auth
  276. port = 3306
  277. logpath = /var/log/mysqld.log
  278.  
  279.  
  280.  
  281.  
  282.  
  283.  
  284. [named-refused-tcp]
  285.  
  286. enabled = false
  287. port = domain,953
  288. protocol = tcp
  289. filter = named-refused
  290. logpath = /var/log/named/security.log
  291.  
  292. [asterisk-tcp]
  293.  
  294. enabled = false
  295. filter = asterisk
  296. port = 5060,5061
  297. protocol = tcp
  298. logpath = /var/log/asterisk/messages
  299.  
  300. [asterisk-udp]
  301.  
  302. enabled = false
  303. filter = asterisk
  304. port = 5060,5061
  305. protocol = udp
  306. logpath = /var/log/asterisk/messages
  307.  
  308.  
  309. [recidive]
  310.  
  311. enabled = false
  312. filter = recidive
  313. logpath = /var/log/fail2ban.log
  314. action = iptables-allports[name=recidive]
  315. sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
  316. bantime = 604800 ; 1 week
  317. findtime = 86400 ; 1 day
  318. maxretry = 5