aboutsummaryrefslogtreecommitdiff
path: root/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf
diff options
context:
space:
mode:
Diffstat (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf')
-rw-r--r--straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf29
1 files changed, 29 insertions, 0 deletions
diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf
new file mode 100644
index 0000000..21e4508
--- /dev/null
+++ b/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf
@@ -0,0 +1,29 @@
+# Fail2Ban configuration file
+#
+# Authors: Donald Yandt, Sergey G. Brester
+#
+# Because of the rich rule commands requires firewalld-0.3.1+
+# This action uses firewalld rich-rules which gives you a cleaner iptables since it stores rules according to zones and not
+# by chain. So for an example all deny rules will be listed under <zone>_deny and all log rules under <zone>_log.
+#
+# Also this action logs banned access attempts so you can filter that and increase ban time for offenders.
+#
+# If you use the --permanent rule you get a xml file in /etc/firewalld/zones/<zone>.xml that can be shared and parsed easliy
+#
+# This is an derivative of firewallcmd-rich-rules.conf, see there for details and other parameters.
+
+[INCLUDES]
+
+before = firewallcmd-rich-rules.conf
+
+[Definition]
+
+rich-suffix = log prefix='f2b-<name>' level='<level>' limit value='<rate>/m' <rich-blocktype>
+
+[Init]
+
+# log levels are "emerg", "alert", "crit", "error", "warning", "notice", "info" or "debug"
+level = info
+
+# log rate per minute
+rate = 1