aboutsummaryrefslogtreecommitdiff
path: root/straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf
diff options
context:
space:
mode:
authorLukasz Kasprzak <lukasz.kasprzak@pm.me>2026-04-14 22:32:43 +0200
committerLukasz Kasprzak <lukasz.kasprzak@pm.me>2026-04-14 22:32:43 +0200
commit83f7fe4b8402bab171d110703a1b1115efbc9b28 (patch)
tree19110702c7d740f6bd8ee4f5d2ebcb97442be237 /straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf
parent51d43498b07dc97d795947964534f0903cd05db5 (diff)
downloadbin-83f7fe4b8402bab171d110703a1b1115efbc9b28.tar.gz
bin-83f7fe4b8402bab171d110703a1b1115efbc9b28.zip
cleaned up many scrits and deleted some that were of no use; renamed a lot
Diffstat (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf')
-rw-r--r--straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf143
1 files changed, 0 insertions, 143 deletions
diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf
deleted file mode 100644
index b0ab2cc..0000000
--- a/straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf
+++ /dev/null
@@ -1,143 +0,0 @@
-# Fail2Ban configuration file
-#
-# Author: Russell Odom <russ@gloomytrousers.co.uk>
-# Submits attack reports to myNetWatchman (http://www.mynetwatchman.com/)
-#
-# You MUST configure at least:
-# <port> (the port that's being attacked - use number not name).
-# <mnwlogin> (your mNW login).
-# <mnwpass> (your mNW password).
-#
-# You SHOULD also provide:
-# <myip> (your public IP address, if it's not the address of eth0)
-# <protocol> (the protocol in use - defaults to tcp)
-#
-# Best practice is to provide <port> and <protocol> in jail.conf like this:
-# action = mynetwatchman[port=1234,protocol=udp]
-#
-# ...and create "mynetwatchman.local" with contents something like this:
-# [Init]
-# mnwlogin = me@example.com
-# mnwpass = SECRET
-# myip = 10.0.0.1
-#
-# Another useful configuration value is <getcmd>, if you don't have wget
-# installed (an example config for curl is given below)
-#
-
-[Definition]
-
-# Option: actionstart
-# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
-# Values: CMD
-#
-actionstart =
-
-# Option: actionstop
-# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-# Values: CMD
-#
-actionstop =
-
-# Option: actioncheck
-# Notes.: command executed once before each actionban command
-# Values: CMD
-#
-actioncheck =
-
-# Option: actionban
-# Notes.: command executed when banning an IP. Take care that the
-# command is executed with Fail2Ban user rights.
-# Tags: See jail.conf(5) man page
-# Values: CMD
-#
-#
-# Note: We are currently using <time> for the timestamp because no tag is
-# available to indicate the timestamp of the log message(s) which triggered the
-# ban. Therefore the timestamps we are using in the report, whilst often only a
-# few seconds out, are incorrect. See
-# http://sourceforge.net/tracker/index.php?func=detail&aid=2017795&group_id=121032&atid=689047
-#
-actionban = MNWLOGIN=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwlogin>'`
- MNWPASS=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwpass>'`
- PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
- if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
- DATETIME=`perl -e '@t=gmtime(<time>);printf "%%4d-%%02d-%%02d+%%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'`
- <getcmd> "<mnwurl>?AT=2&AV=0&AgentEmail=$MNWLOGIN&AgentPassword=$MNWPASS&AttackerIP=<ip>&SrcPort=<srcport>&ProtocolID=$PROTOCOL&DestPort=<port>&AttackCount=<failures>&VictimIP=<myip>&AttackDateTime=$DATETIME" 2>&1 >> <tmpfile>.out && grep -q 'Attack Report Insert Successful' <tmpfile>.out && rm -f <tmpfile>.out
-
-# Option: actionunban
-# Notes.: command executed when unbanning an IP. Take care that the
-# command is executed with Fail2Ban user rights.
-# Tags: See jail.conf(5) man page
-# Values: CMD
-#
-actionunban =
-
-[Init]
-# Option: port
-# Notes.: The target port for the attack (numerical). MUST be provided in
-# the jail config, as it cannot be detected here.
-# Values: [ NUM ] Default: ???
-#
-port = 0
-
-# Option: mnwlogin
-# Notes.: Your mNW login e-mail address. MUST be provided either in the jail
-# config or in a .local file.
-# Register at http://www.mynetwatchman.com/reg.asp
-# Values: [ STRING ] Default: (empty)
-#
-mnwlogin =
-
-# Option: mnwpass
-# Notes.: The password corresponding to your mNW login e-mail address. MUST be
-# provided either in the jail config or in a .local file.
-# Values: [ STRING ] Default: (empty)
-#
-mnwpass =
-
-# Option: myip
-# Notes.: The target IP for the attack (your public IP). Should be overridden
-# either in the jail config or in a .local file unless your PUBLIC IP
-# is the first IP assigned to eth0
-# Values: [ an IP address ] Default: Tries to find the IP address of eth0,
-# which in most cases will be a private IP, and therefore incorrect
-#
-myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
-
-# Option: protocol
-# Notes.: The protocol over which the attack is happening
-# Values: [ tcp | udp | icmp | (any other protocol name from /etc/protocols) | NUM ] Default: tcp
-#
-protocol = tcp
-
-# Option: agent
-# Default: Fail2ban
-agent = Fail2ban
-
-# Option: getcmd
-# Notes.: A command to fetch a URL. Should output page to STDOUT
-# Values: CMD Default: wget
-#
-getcmd = wget --no-verbose --tries=3 --waitretry=10 --connect-timeout=10 --read-timeout=60 --retry-connrefused --output-document=- --user-agent=<agent>
-# Alternative value:
-# getcmd = curl --silent --show-error --retry 3 --connect-timeout 10 --max-time 60 --user-agent <agent>
-
-# Option: srcport
-# Notes.: The source port of the attack. You're unlikely to have this info, so
-# you can leave the default
-# Values: [ NUM ] Default: 0
-#
-srcport = 0
-
-# Option: mnwurl
-# Notes.: The report service URL on the mNW site
-# Values: STRING Default: http://mynetwatchman.com/insertwebreport.asp
-#
-mnwurl = http://mynetwatchman.com/insertwebreport.asp
-
-# Option: tmpfile
-# Notes.: Base name of temporary files
-# Values: [ STRING ] Default: /var/run/fail2ban/tmp-mynetwatchman
-#
-tmpfile = /var/run/fail2ban/tmp-mynetwatchman