From 83f7fe4b8402bab171d110703a1b1115efbc9b28 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Tue, 14 Apr 2026 22:32:43 +0200 Subject: cleaned up many scrits and deleted some that were of no use; renamed a lot --- .../fail2ban/etc-fail2ban/action.d/mikrotik.conf | 84 ---------------------- 1 file changed, 84 deletions(-) delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf') diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf deleted file mode 100644 index 9343c86..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf +++ /dev/null @@ -1,84 +0,0 @@ -# Fail2Ban configuration file -# -# Mikrotik routerOS action to add/remove address-list entries -# -# Author: Duncan Bellamy -# based on forum.mikrotik.com post by pakjebakmeel -# -# in the instructions: -# (10.0.0.1 is ip of mikrotik router) -# (10.0.0.2 is ip of fail2ban machine) -# -# on fail2ban machine: -# sudo mkdir /var/lib/fail2ban/ssh -# sudo chmod 700 /var/lib/fail2ban/ssh -# sudo ssh-keygen -N "" -f /var/lib/fail2ban/ssh/fail2ban_id_rsa -# sudo scp /var/lib/fail2ban/ssh/fail2ban_id_rsa.pub admin@10.0.0.1:/ -# ssh admin@10.0.0.1 -# -# on mikrotik router: -# /user add name=miki-f2b group=write address=10.0.0.2 password="" -# /user ssh-keys import public-key-file=fail2ban_id_rsa.pub user=miki-f2b -# /quit -# -# on fail2ban machine: -# (check password login fails) -# ssh miki-f2b@10.0.0.1 -# (check private key works) -# sudo ssh -i /var/lib/fail2ban/ssh/fail2ban_id_rsa miki-f2b@10.0.0.1 -# -# Then create rules on mikrorik router that use address -# list(s) maintained by fail2ban eg in the forward chain -# drop from address list, or in the forward chain drop -# from address list to server -# -# example extract from jail.local overriding some defaults -# action = mikrotik[keyfile="%(mkeyfile)s", user="%(muser)s", host="%(mhost)s", list="%(mlist)s"] -# -# ignoreip = 127.0.0.1/8 192.168.0.0/24 - -# mkeyfile = /etc/fail2ban/ssh/mykey_id_rsa -# muser = myuser -# mhost = 192.168.0.1 -# mlist = BAD LIST - -[Definition] - -actionstart = - -actionstop = %(actionflush)s - -actionflush = %(command)s "/ip firewall address-list remove [find list=\"%(list)s\" comment~\"%(startcomment)s-*\"]" - -actioncheck = - -actionban = %(command)s "/ip firewall address-list add list=\"%(list)s\" address= comment=%(comment)s" - -actionunban = %(command)s "/ip firewall address-list remove [find list=\"%(list)s\" comment=%(comment)s]" - -command = ssh -l %(user)s -p%(port)s -i %(keyfile)s %(host)s - -# Option: user -# Notes.: username to use when connecting to routerOS -user = -# Option: port -# Notes.: port to use when connecting to routerOS -port = 22 -# Option: keyfile -# Notes.: ssh private key to use for connecting to routerOS -keyfile = -# Option: host -# Notes.: hostname or ip of router -host = -# Option: list -# Notes.: name of "address-list" to use on router -list = Fail2Ban -# Option: startcomment -# Notes.: used as a prefix to all comments, and used to match for flushing rules -startcomment = f2b- -# Option: comment -# Notes.: comment to use on routerOS (must be unique as used for ip address removal) -comment = %(startcomment)s- - -[Init] -name="%(__name__)s" -- cgit v1.3