Advertisement
Guest User

iptables-all.conf

a guest
Jul 6th, 2012
407
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Fail2Ban configuration file
  2. #
  3. # Author: Cyril Jaquier
  4. # Modified: Yaroslav O. Halchenko <debian@onerussian.com>
  5. # made active on all ports from original iptables.conf
  6. # Modified: David Carlos Manuelda <stormbyte@gmail.com>
  7. added an explicit ban on INPUT to efectivelly block everything.
  8. # $Revision$
  9. #
  10.  
  11. [Definition]
  12.  
  13. # Option: actionstart
  14. # Notes.: command executed once at the start of Fail2Ban.
  15. # Values: CMD
  16. #
  17. actionstart = iptables -N fail2ban-<name>
  18. iptables -A fail2ban-<name> -j RETURN
  19. iptables -I <chain> -p <protocol> -j fail2ban-<name>
  20.  
  21. # Option: actionstop
  22. # Notes.: command executed once at the end of Fail2Ban
  23. # Values: CMD
  24. #
  25. actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
  26. iptables -F fail2ban-<name>
  27. iptables -X fail2ban-<name>
  28.  
  29. # Option: actioncheck
  30. # Notes.: command executed once before each actionban command
  31. # Values: CMD
  32. #
  33. actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
  34.  
  35. # Option: actionban
  36. # Notes.: command executed when banning an IP. Take care that the
  37. # command is executed with Fail2Ban user rights.
  38. # Tags: <ip> IP address
  39. # <failures> number of failures
  40. # <time> unix timestamp of the ban time
  41. # Values: CMD
  42. #
  43. actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
  44. iptables -I INPUT -s <ip> -j DROP
  45.  
  46. # Option: actionunban
  47. # Notes.: command executed when unbanning an IP. Take care that the
  48. # command is executed with Fail2Ban user rights.
  49. # Tags: <ip> IP address
  50. # <failures> number of failures
  51. # <time> unix timestamp of the ban time
  52. # Values: CMD
  53. #
  54. actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
  55.  
  56. [Init]
  57.  
  58. # Defaut name of the chain
  59. #
  60. name = default
  61.  
  62. # Option: protocol
  63. # Notes.: internally used by config reader for interpolations.
  64. # Values: [ tcp | udp | icmp | all ] Default: tcp
  65. #
  66. protocol = tcp
  67.  
  68. # Option: chain
  69. # Notes specifies the iptables chain to which the fail2ban rules should be
  70. # added
  71. # Values: STRING Default: INPUT
  72. chain = INPUT
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement