diff options
Diffstat (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf')
| -rw-r--r-- | straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf | 93 |
1 files changed, 0 insertions, 93 deletions
diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf deleted file mode 100644 index ff5f5c4..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf +++ /dev/null @@ -1,93 +0,0 @@ -# -# Author: Logic-32 -# -# IMPORTANT -# -# Please set jail.local's permission to 640 because it contains your CF API token. -# -# This action depends on curl. -# -# To get your Cloudflare API token: https://developers.cloudflare.com/api/tokens/create/ -# -# Cloudflare Firewall API: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/endpoints/ - -[Definition] - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: <ip> IP address -# <failures> number of failures -# <time> unix timestamp of the ban time -# Values: CMD -actionban = curl -s -X POST "<_cf_api_url>" \ - <_cf_api_prms> \ - --data '{"mode":"<cfmode>","configuration":{"target":"<cftarget>","value":"<ip>"},"notes":"<notes>"}' - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: <ip> IP address -# <failures> number of failures -# <time> unix timestamp of the ban time -# Values: CMD -# -actionunban = id=$(curl -s -X GET "<_cf_api_url>" \ - --data-urlencode "mode=<cfmode>" --data-urlencode "notes=<notes>" --data-urlencode "configuration.target=<cftarget>" --data-urlencode "configuration.value=<ip>" \ - <_cf_api_prms> \ - | awk -F"[,:}]" '{for(i=1;i<=NF;i++){if($i~/'id'\042/){print $(i+1)}}}' \ - | tr -d ' "' \ - | head -n 1) - if [ -z "$id" ]; then echo "<name>: id for <ip> cannot be found using target <cftarget>"; exit 0; fi; \ - curl -s -X DELETE "<_cf_api_url>/$id" \ - <_cf_api_prms> \ - --data '{"cascade": "none"}' - -_cf_api_url = https://api.cloudflare.com/client/v4/zones/<cfzone>/firewall/access_rules/rules -_cf_api_prms = -H "Authorization: Bearer <cftoken>" -H "Content-Type: application/json" - -[Init] - -# Declare your Cloudflare Authorization Bearer Token in the [DEFAULT] section of your jail.local file. - -# The Cloudflare <ZONE_ID> of the domain you want to manage. -# -# cfzone = - -# Your personal Cloudflare token. Ideally restricted to just have "Zone.Firewall Services" permissions. -# -# cftoken = - -# Target of the firewall rule. Default is "ip" (v4). -# -cftarget = ip - -# The firewall mode Cloudflare should use. Default is "block" (deny access). -# Consider also "js_challenge" or other "allowed_modes" if you want. -# -cfmode = block - -# The message to include in the firewall IP banning rule. -# -notes = Fail2Ban <name> - -[Init?family=inet6] -cftarget = ip6 |
