From 39711cf6c2ec5a3b4480dcb4800cc3802bda5bf2 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Fri, 20 Mar 2026 19:16:32 +0100 Subject: feat: first fully successful run e2e on straper --- .../action.d/firewallcmd-rich-logging.conf | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf') diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf new file mode 100644 index 0000000..21e4508 --- /dev/null +++ b/straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf @@ -0,0 +1,29 @@ +# Fail2Ban configuration file +# +# Authors: Donald Yandt, Sergey G. Brester +# +# Because of the rich rule commands requires firewalld-0.3.1+ +# This action uses firewalld rich-rules which gives you a cleaner iptables since it stores rules according to zones and not +# by chain. So for an example all deny rules will be listed under _deny and all log rules under _log. +# +# Also this action logs banned access attempts so you can filter that and increase ban time for offenders. +# +# If you use the --permanent rule you get a xml file in /etc/firewalld/zones/.xml that can be shared and parsed easliy +# +# This is an derivative of firewallcmd-rich-rules.conf, see there for details and other parameters. + +[INCLUDES] + +before = firewallcmd-rich-rules.conf + +[Definition] + +rich-suffix = log prefix='f2b-' level='' limit value='/m' + +[Init] + +# log levels are "emerg", "alert", "crit", "error", "warning", "notice", "info" or "debug" +level = info + +# log rate per minute +rate = 1 -- cgit v1.3