- [INCLUDES]
- # "before" names a file that is read ahead of this one. The generic
- # paths-distro.conf entry is commented out in favour of the Fedora paths file.
- # NOTE(review): variables such as %(postfix_log)s and %(postfix_backend)s used
- # by the jails in this file are not defined here; presumably they come from
- # the included paths file -- verify.
- #before = paths-distro.conf
- before = paths-fedora.conf
- # The DEFAULT allows a global definition of the options. They can be overridden
- # in each jail afterwards.
- [DEFAULT]
- #
- # MISCELLANEOUS OPTIONS
- #
- # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
- # ban a host which matches an address in this list. Several addresses can be
- # defined using space (and/or comma) separator.
- # Every entry here is exempt from banning in all jails, so keep the list as
- # short as possible. Only the IPv4 loopback range is listed.
- # NOTE(review): if the installed fail2ban version handles IPv6, check whether
- # ::1 should be exempt as well -- confirm before adding.
- ignoreip = 127.0.0.1/8
- # External command that takes tagged arguments to ignore, e.g. <ip>,
- # and returns true if the IP is to be ignored, false otherwise.
- # Left empty here, so no external command is configured.
- #
- # ignorecommand = /path/to/command <ip>
- ignorecommand =
- # "bantime" is the number of seconds that a host is banned.
- # 43200 = 12h
- bantime = 43200
- # A host is banned if it has generated "maxretry" failures during the last
- # "findtime" seconds.
- #findtime = 600
- # 86400 = 24h
- findtime = 86400
- # "maxretry" is the number of failures before a host gets banned.
- # With the values in this section: 5 failures within 24h lead to a 12h ban.
- maxretry = 5
- # "backend" specifies the backend used to detect log file modifications.
- # Available options are "pyinotify", "gamin", "polling", "systemd" and "auto".
- # This option can be overridden in each jail as well.
- #
- # pyinotify: requires pyinotify (a file alteration monitor) to be installed.
- # If pyinotify is not installed, Fail2ban will use auto.
- # gamin: requires Gamin (a file alteration monitor) to be installed.
- # If Gamin is not installed, Fail2ban will use auto.
- # polling: uses a polling algorithm which does not require external libraries.
- # systemd: uses systemd python library to access the systemd journal.
- # Specifying "logpath" is not valid for this backend.
- # See "journalmatch" in the jails associated filter config
- # auto: will try to use the following backends, in order:
- # pyinotify, gamin, polling.
- #
- # Note: if systemd backend is chosen as the default but you enable a jail
- # for which logs are present only in its own log files, specify some other
- # backend for that jail (e.g. polling) and provide empty value for
- # journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200
- backend = auto
- # "usedns" specifies if jails should trust hostnames in logs,
- # warn when DNS lookups are performed, or ignore all hostnames in logs
- #
- # yes: if a hostname is encountered, a DNS lookup will be performed.
- # warn: if a hostname is encountered, a DNS lookup will be performed,
- # but it will be logged as a warning.
- # no: if a hostname is encountered, will not be used for banning,
- # but it will be logged as info.
- # "no" keeps ban decisions tied to IP addresses found in the logs, so they do
- # not depend on DNS answers that the logged party may control.
- usedns = no
- # "logencoding" specifies the encoding of the log files handled by the jail
- # This is used to decode the lines from the log file.
- # Typical examples: "ascii", "utf-8"
- #
- # auto: will use the system locale setting
- logencoding = auto
- # "enabled" enables the jails.
- # By default all jails are disabled, and it should stay this way.
- # Enable only the jails relevant to your setup in your .local or jail.d/*.conf
- # A jail in this file that does not set "enabled = true" itself stays off.
- #
- # true: jail will be enabled and log files will get monitored for changes
- # false: jail is not enabled
- enabled = false
- # "filter" defines the filter to use by the jail.
- # By default jails have names matching their filter name
- # (%(__name__)s is interpolated to the name of the jail's section).
- #
- filter = %(__name__)s
- #
- # ACTIONS
- #
- # Some options used for actions
- # Destination email address used solely for the interpolations in
- # jail.{conf,local,d/*} configuration files.
- # NOTE(review): this is a placeholder domain. The [postfix], [postfix-rbl] and
- # [recidive] jails in this file use %(action_mwl)s, which in stock fail2ban
- # mails a whois report and the matching log lines to this address; point it at
- # a real, monitored mailbox before enabling them.
- destemail = administrator@mydomain.tld
- # Sender email address used solely for some actions
- sender = fail2ban
- # E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA for the
- # mailing. Change mta configuration parameter to mail if you want to
- # revert to conventional 'mail'.
- #mta = sendmail
- mta = mail
- # Default protocol
- protocol = tcp
- # Specify chain where jumps would need to be added in iptables-* actions
- chain = INPUT
- # Ports to be banned
- # Usually should be overridden in a particular jail
- port = 0:65535
- # Format of user-agent https://tools.ietf.org/html/rfc7231#section-5.5.3
- fail2ban_agent = Fail2Ban/%(fail2ban_version)s
- #
- # Action shortcuts. To be used to define action parameter
- # Default banning action (e.g. iptables, iptables-new,
- # iptables-multiport, shorewall, etc) It is used to define
- # action_* variables. Can be overridden globally or per
- # section within jail.local file
- banaction = iptables-multiport
- banaction_allports = iptables-allports
- # The mail-sending _MWL action is disabled as the default because it sends
- # out e-mails. This only changes the default: jails in this file that set
- # action = %(action_mwl)s themselves still send mail.
- # NOTE(review): action_ and action_mwl are not defined in this file; they must
- # be defined in another configuration file that fail2ban reads (presumably
- # jail.conf) -- verify, otherwise the interpolation cannot be resolved.
- #action = %(action_mwl)s
- action = %(action_)s
- #
- # Mail servers
- #
- # Postfix jail, enabled, covering the smtp, 465 and submission ports.
- # logpath and backend are interpolated from variables that are not defined in
- # this file (presumably supplied by the paths file named in [INCLUDES]).
- # action_mwl overrides the [DEFAULT] action, so bans from this jail send mail
- # to destemail.
- [postfix]
- enabled = true
- port = smtp,465,submission
- logpath = %(postfix_log)s
- backend = %(postfix_backend)s
- action = %(action_mwl)s
- # Postfix RBL jail, enabled, on the same ports and log source as [postfix].
- # action_mwl overrides the [DEFAULT] action, so bans from this jail send mail
- # to destemail.
- [postfix-rbl]
- enabled = true
- port = smtp,465,submission
- logpath = %(postfix_log)s
- backend = %(postfix_backend)s
- action = %(action_mwl)s
- # Same value as the [DEFAULT] maxretry; it only matters if the default changes.
- maxretry = 5
- # Postfix SASL jail, enabled. A ban covers the IMAP and POP3 ports as well as
- # the SMTP ones.
- # No "action" is set here, so the [DEFAULT] action = %(action_)s applies and,
- # unlike [postfix] and [postfix-rbl], this jail does not use action_mwl.
- [postfix-sasl]
- enabled = true
- port = smtp,465,submission,imap3,imaps,pop3,pop3s
- logpath = %(postfix_log)s
- backend = %(postfix_backend)s
- # Same value as the [DEFAULT] maxretry; it only matters if the default changes.
- maxretry = 5
- # Jail for more extended banning of persistent abusers
- # !!! WARNINGS !!!
- # 1. Make sure that your loglevel specified in fail2ban.conf/.local
- # is not at DEBUG level -- which might then cause fail2ban to fall into
- # an infinite loop constantly feeding itself with non-informative lines
- # 2. Increase dbpurgeage defined in fail2ban.conf to e.g. 648000 (7.5 days)
- # to maintain entries for failed logins for sufficient amount of time
- #
- # As written this jail is NOT active: "enabled = true" is commented out, so
- # the [DEFAULT] value enabled = false applies.
- # NOTE(review): logpath points at /var/log/messages; this jail presumably
- # only sees fail2ban's own ban records there if fail2ban logs to syslog --
- # verify logtarget in fail2ban.conf before enabling.
- # NOTE(review): the "; ..." text after bantime and findtime relies on the
- # config reader stripping inline comments -- confirm for the installed version.
- # The ban uses banaction_allports, and action_mwl sends mail to destemail.
- [recidive]
- #enabled = true
- logpath = /var/log/messages
- banaction = %(banaction_allports)s
- bantime = 604800 ; 1 week
- findtime = 259200 ; 3 days
- maxretry = 5
- action = %(action_mwl)s