
iptables-all.conf

a guest
Jul 6th, 2012
  1. # Fail2Ban configuration file
  2. #
  3. # Author: Cyril Jaquier
  4. # Modified: Yaroslav O. Halchenko <debian@onerussian.com>
  5. # made active on all ports from original iptables.conf
  6. # Modified: David Carlos Manuelda <stormbyte@gmail.com>
  7. added an explicit ban on INPUT to efectivelly block everything.
  8. # $Revision$
  9. #
  10.  
  11. [Definition]
  12.  
  13. # Option: actionstart
  14. # Notes.: command executed once at the start of Fail2Ban.
  15. # Values: CMD
  16. #
  17. actionstart = iptables -N fail2ban-<name>
  18. iptables -A fail2ban-<name> -j RETURN
  19. iptables -I <chain> -p <protocol> -j fail2ban-<name>
  20.  
  21. # Option: actionstop
  22. # Notes.: command executed once at the end of Fail2Ban
  23. # Values: CMD
  24. #
  25. actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
  26. iptables -F fail2ban-<name>
  27. iptables -X fail2ban-<name>
  28.  
  29. # Option: actioncheck
  30. # Notes.: command executed once before each actionban command
  31. # Values: CMD
  32. #
  33. actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
  34.  
  35. # Option: actionban
  36. # Notes.: command executed when banning an IP. Take care that the
  37. # command is executed with Fail2Ban user rights.
  38. # Tags: <ip> IP address
  39. # <failures> number of failures
  40. # <time> unix timestamp of the ban time
  41. # Values: CMD
  42. #
  43. actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
  44. iptables -I INPUT -s <ip> -j DROP
  45.  
  46. # Option: actionunban
  47. # Notes.: command executed when unbanning an IP. Take care that the
  48. # command is executed with Fail2Ban user rights.
  49. # Tags: <ip> IP address
  50. # <failures> number of failures
  51. # <time> unix timestamp of the ban time
  52. # Values: CMD
  53. #
  54. actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
  55.  
  56. [Init]
  57.  
  58. # Defaut name of the chain
  59. #
  60. name = default
  61.  
  62. # Option: protocol
  63. # Notes.: internally used by config reader for interpolations.
  64. # Values: [ tcp | udp | icmp | all ] Default: tcp
  65. #
  66. protocol = tcp
  67.  
  68. # Option: chain
  69. # Notes specifies the iptables chain to which the fail2ban rules should be
  70. # added
  71. # Values: STRING Default: INPUT
  72. chain = INPUT