SHARE
TWEET

/etc/fail2ban/jail.conf example for Raspbian

TringaliLuca Feb 6th, 2017 183 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [DEFAULT]
  2. ignoreip = 127.0.0.1
  3. fintime = 604800
  4. bantime = 604800
  5. maxretry = 3
  6.  
  7. destemail = root@localhost
  8. backend = auto
  9. mta = sendmail
  10. banaction = iptables-multiport
  11. protocol = tcp
  12. chain = INPUT
  13.  
  14. action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  15.  
  16. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="
  17. %(protocol)s", chain="%(chain)s"]
  18.  
  19. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]  %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
  20. action = %(action_)s
  21.  
  22. [ssh]
  23. enabled = yes
  24. port = ssh
  25. filter = sshd
  26. logpath = /var/log/auth.log
  27. bantime = -1
  28. maxretry = 3
  29.  
  30. [ssh-ddos]
  31. enabled = yes
  32. port = ssh
  33. filter = sshd-ddos
  34. logpath = /var/log/auth.log
  35. bantime = -1
  36. maxretry = 3
  37.  
  38. [apache-noscript]
  39. enabled = no
  40. port = httpd,httpds
  41. filter = apache-noscript
  42. logpath = /var/log/apache*/*error.log
  43. bantime = -1
  44. maxretry = 3
  45.  
  46. [apache-404]
  47. enabled = no
  48. port = httpd,httpds
  49. filter = apache-404
  50. logpath = /var/log/apache*/*error.log
  51. bantime = -1
  52. maxretry = 3
  53.  
  54. [proftp]
  55. enabled = yes
  56. ignoreip = 192.168.1.0/24
  57. port = ftp,ftp-data,ftps,ftps-data
  58. filter = proftpd
  59. logpath = /var/log/proftpd/proftpd.log  
  60. maxretry = 3
  61.  
  62. [vsftpd]
  63. enabled  = false
  64. port     = ftp,ftp-data,ftps,ftps-data
  65. filter   = vsftpd
  66. logpath  = /var/log/vsftpd.log
  67. maxretry = 5
  68.  
  69. [owncloud]
  70. enabled = no
  71. port = http,https,8443
  72. filter = owncloud
  73. logpath = /MyPath/owncloud.log
  74. bantime = -1
  75. maxretry = 3
  76.  
  77. [nginx-404]
  78. enabled = no
  79. port = http,https
  80. filter = nginx-404
  81. logpath = /var/log/nginx*/*access*.log
  82. bantime = -1
  83. maxretry = 3
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top