  1. #!/bin/bash
  2.  
  3. red='\033[0;31m'
  4. green='\033[0;32m'
  5. yellow='\033[0;33m'
  6. plain='\033[0m'
  7.  
  8.  
  9.  
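#######################################
# Write the 3x-ipl fail2ban jail, filter and action files (plus a copy of
# iptables-common.conf) into the fail2ban data volume.
#
# All four files are written with unquoted here-docs: "\$(date ...)" must stay
# escaped so the action file receives a literal "$(date ...)" that fail2ban's
# shell expands at ban/unban time, and "%%" is fail2ban's own escaping of "%"
# and is emitted verbatim. Anything else that looks like a shell expansion
# inside the here-docs would be expanded by this script, so keep them as is.
#
# NOTE(review): the continuation lines of the multi-line values
# (actionstart/actionstop/actionban/actionunban and the "after =" list) appear
# here without leading whitespace; fail2ban's INI parser expects continuation
# lines to be indented — confirm the indentation was not lost in the paste.
# NOTE(review): logpath and /var/log/3xipl-banned.log are resolved by fail2ban
# in its own filesystem (presumably the container's) — confirm they are mounted.
#
# Globals:   red, green, plain (read, ANSI colour sequences)
# Arguments: $1 - (optional) base directory of the fail2ban volume; defaults
#                 to the xray-turk2_fail2ban docker volume used by the script.
# Outputs:   success message on stdout, error on stderr
# Returns:   0 when all four files were written; 1 if a target directory is
#            missing or a write fails (previously the script carried on and
#            still printed the success line).
#######################################
create_iplimit_jails() {
  local base=${1:-/var/lib/docker/volumes/xray-turk2_fail2ban/_data}
  local dir

  # A bare "cat >" into a missing directory fails per file; check the layout
  # up front so a volume that is not mounted is reported once and clearly.
  for dir in jail.d filter.d action.d; do
    if [[ ! -d "${base}/${dir}" ]]; then
      printf '%b\n' "${red}Missing directory ${base}/${dir}; is the fail2ban volume mounted?${plain}" >&2
      return 1
    fi
  done

  cat << EOF > "${base}/jail.d/3x-ipl.conf" || return 1
[3x-ipl]
enabled=true
filter=3x-ipl
action=3x-ipl
logpath=/var/log/3xipl.log
maxretry=2
findtime=60
bantime=5m
EOF

  cat << EOF > "${base}/filter.d/3x-ipl.conf" || return 1
[Definition]
datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
ignoreregex =
EOF

  cat << EOF > "${base}/action.d/3x-ipl.conf" || return 1
[INCLUDES]
before = iptables-common.conf

[Definition]
actionstart = <iptables> -N f2b-<name>
<iptables> -A f2b-<name> -j <returntype>
<iptables> -I <chain> -p <protocol> -j f2b-<name>

actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
<actionflush>
<iptables> -X f2b-<name>

actioncheck = <iptables> -n -L <chain> | grep -q 'f2b-<name>[ \t]'

actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") BAN [Email] = <F-USER> [IP] = <ip> banned for <bantime> seconds." >> /var/log/3xipl-banned.log

actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
echo "\$(date +"%%Y/%%m/%%d %%H:%%M:%%S") UNBAN [Email] = <F-USER> [IP] = <ip> unbanned." >> /var/log/3xipl-banned.log

[Init]
EOF

  # This overwrites any iptables-common.conf already present in the volume
  # (the file name matches fail2ban's stock action include).
  cat << EOF > "${base}/action.d/iptables-common.conf" || return 1
# Fail2Ban configuration file
#
# Author: Daniel Black
#
# This is a included configuration file and includes the definitions for the iptables
# used in all iptables based actions by default.
#
# The user can override the defaults in iptables-common.local
#
# Modified: Alexander Koeppe <[email protected]>, Serg G. Brester <[email protected]>
# made config file IPv6 capable (see new section Init?family=inet6)

[INCLUDES]

after = iptables-blocktype.local
iptables-common.local
# iptables-blocktype.local is obsolete

[Definition]

# Option: actionflush
# Notes.: command executed once to flush IPS, by shutdown (resp. by stop of the jail or this action)
# Values: CMD
#
actionflush = <iptables> -F f2b-<name>


[Init]

# Option: chain
# Notes specifies the iptables chain to which the Fail2Ban rules should be
# added
# Values: STRING Default: INPUT
chain = INPUT

# Default name of the chain
#
name = default

# Option: port
# Notes.: specifies port to monitor
# Values: [ NUM | STRING ] Default:
#
port = ssh

# Option: protocol
# Notes.: internally used by config reader for interpolations.
# Values: [ tcp | udp | icmp | all ] Default: tcp
#
protocol = tcp

# Option: blocktype
# Note: This is what the action does with rules. This can be any jump target
# as per the iptables man page (section 8). Common values are DROP
# REJECT, REJECT --reject-with icmp-port-unreachable
# Values: STRING
blocktype = REJECT --reject-with icmp-port-unreachable

# Option: returntype
# Note: This is the default rule on "actionstart". This should be RETURN
# in all (blocking) actions, except REJECT in allowing actions.
# Values: STRING
returntype = RETURN

# Option: lockingopt
# Notes.: Option was introduced to iptables to prevent multiple instances from
# running concurrently and causing irratic behavior. -w was introduced
# in iptables 1.4.20, so might be absent on older systems
# See https://github.com/fail2ban/fail2ban/issues/1122
# Values: STRING
lockingopt = -w

# Option: iptables
# Notes.: Actual command to be executed, including common to all calls options
# Values: STRING
iptables = iptables <lockingopt>


[Init?family=inet6]

# Option: blocktype (ipv6)
# Note: This is what the action does with rules. This can be any jump target
# as per the iptables man page (section 8). Common values are DROP
# REJECT, REJECT --reject-with icmp6-port-unreachable
# Values: STRING
blocktype = REJECT --reject-with icmp6-port-unreachable

# Option: iptables (ipv6)
# Notes.: Actual command to be executed, including common to all calls options
# Values: STRING
iptables = ip6tables <lockingopt>

EOF

  printf '%b\n' "${green}Created Ip Limit jail files with a bantime of 5 minutes.${plain}"
}
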
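#######################################
# Remove any pre-existing [3x-ipl] section from the main jail files so the
# jail.d drop-in written by create_iplimit_jails is the only definition.
#
# The sed range deletes from the "[3x-ipl]" header through the first blank
# line after it; a section with no blank line after it is deleted to end of
# file (unchanged from the original behaviour).
#
# Globals:   yellow, plain (read, ANSI colour sequences)
# Arguments: $@ - (optional) jail files to clean; defaults to jail.conf and
#                 jail.local in the xray-turk2_fail2ban docker volume.
# Outputs:   one notice per cleaned file on stdout
# Returns:   0 on success (missing files are skipped), 1 if sed fails
#######################################
iplimit_remove_conflicts() {
  local -a jail_files=("$@")
  if (( ${#jail_files[@]} == 0 )); then
    jail_files=(
      /var/lib/docker/volumes/xray-turk2_fail2ban/_data/jail.conf
      /var/lib/docker/volumes/xray-turk2_fail2ban/_data/jail.local
    )
  fi

  local file
  for file in "${jail_files[@]}"; do
    # Only touch files that mention the jail; -w keeps "3x-ipl" from
    # matching inside a longer token.
    if [[ -f "$file" ]] && grep -qw -- '3x-ipl' "$file"; then
      sed -i '/\[3x-ipl\]/,/^$/d' "$file" || return 1
      printf '%b\n' "${yellow}Removing conflicts of [3x-ipl] in jail (${file})!${plain}\n"
    fi
  done
  return 0
}
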
  169. iplimit_remove_conflicts
  170.  
  171. create_iplimit_jails
  172.  