blob: 8a6b97f9a9dfb6680516c48b3d1a6042efb3e7e1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# Sample jail.local config
[DEFAULT]
ignoreip = 127.0.0.1/24
bantime = 86400
findtime = 300
maxretry = 3
banaction = iptables-multiport
backend = systemd
# Action to ban using IP tables and send matrix notification
action_tg = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain>
matrix[name=%(__name__)s]
# The simplest action to take: ban only
action = %(action_tg)s
# SSH jail
[sshd]
enabled = true
port = 22
logpath = /var/log/auth.log
backend = %(sshd_backend)s
filter = sshd
# Apache2 auth jail
[apache-auth]
enabled = true
port = http,https
logpath = /var/log/apache2/error.log
filter = apache-auth
maxretry = 3
# Apache2 pass jail
[apache-pass]
enabled = true
port = http,https
logpath = /var/log/apache2/access.log
filter = apache-pass
maxretry = 3
|
ArKa projects. All rights to me, and your next child right arm.
