From 39711cf6c2ec5a3b4480dcb4800cc3802bda5bf2 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Fri, 20 Mar 2026 19:16:32 +0100 Subject: feat: first fully successful run e2e on straper --- .../fail2ban/etc-fail2ban/action.d/route.conf | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf') diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf new file mode 100644 index 0000000..9b96a7b --- /dev/null +++ b/straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf @@ -0,0 +1,29 @@ +# Fail2Ban configuration file +# +# Author: Michael Gebetsroither +# +# This is for blocking whole hosts through blackhole routes. +# +# PRO: +# - Works on all kernel versions and as no compatibility problems (back to debian lenny and WAY further). +# - It's FAST for very large numbers of blocked ips. +# - It's FAST because it Blocks traffic before it enters common iptables chains used for filtering. +# - It's per host, ideal as action against ssh password bruteforcing to block further attack attempts. +# - No additional software required beside iproute/iproute2 +# +# CON: +# - Blocking is per IP and NOT per service, but ideal as action against ssh password bruteforcing hosts + +[Definition] +actionban = ip route add +actionunban = ip route del +actioncheck = +actionstart = +actionstop = + +[Init] + +# Option: blocktype +# Note: Type can be blackhole, unreachable and prohibit. Unreachable and prohibit correspond to the ICMP reject messages. +# Values: STRING +blocktype = unreachable -- cgit v1.3