From 83f7fe4b8402bab171d110703a1b1115efbc9b28 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Tue, 14 Apr 2026 22:32:43 +0200 Subject: cleaned up many scrits and deleted some that were of no use; renamed a lot --- .../fail2ban/etc-fail2ban/action.d/abuseipdb.conf | 104 --- .../public/fail2ban/etc-fail2ban/action.d/apf.conf | 25 - .../fail2ban/etc-fail2ban/action.d/apprise.conf | 49 - .../etc-fail2ban/action.d/blocklist_de.conf | 84 -- .../fail2ban/etc-fail2ban/action.d/bsd-ipfw.conf | 94 -- .../etc-fail2ban/action.d/cloudflare-token.conf | 93 -- .../fail2ban/etc-fail2ban/action.d/cloudflare.conf | 88 -- .../fail2ban/etc-fail2ban/action.d/complain.conf | 121 --- .../fail2ban/etc-fail2ban/action.d/dshield.conf | 207 ----- .../fail2ban/etc-fail2ban/action.d/dummy.conf | 63 -- .../action.d/firewallcmd-allports.conf | 45 - .../etc-fail2ban/action.d/firewallcmd-common.conf | 76 -- .../etc-fail2ban/action.d/firewallcmd-ipset.conf | 127 --- .../action.d/firewallcmd-multiport.conf | 26 - .../etc-fail2ban/action.d/firewallcmd-new.conf | 47 - .../action.d/firewallcmd-rich-logging.conf | 29 - .../action.d/firewallcmd-rich-rules.conf | 44 - .../etc-fail2ban/action.d/helpers-common.conf | 17 - .../fail2ban/etc-fail2ban/action.d/hostsdeny.conf | 62 -- .../fail2ban/etc-fail2ban/action.d/ipfilter.conf | 58 -- .../fail2ban/etc-fail2ban/action.d/ipfw.conf | 68 -- .../etc-fail2ban/action.d/iptables-allports.conf | 15 - .../action.d/iptables-ipset-proto4.conf | 74 -- .../action.d/iptables-ipset-proto6-allports.conf | 27 - .../action.d/iptables-ipset-proto6.conf | 27 - .../etc-fail2ban/action.d/iptables-ipset.conf | 96 -- .../action.d/iptables-multiport-log.conf | 68 -- .../etc-fail2ban/action.d/iptables-multiport.conf | 14 - .../etc-fail2ban/action.d/iptables-new.conf | 15 - .../action.d/iptables-xt_recent-echo.conf | 87 -- .../fail2ban/etc-fail2ban/action.d/iptables.conf | 162 ---- .../fail2ban/etc-fail2ban/action.d/ipthreat.conf | 107 --- .../etc-fail2ban/action.d/mail-buffered.conf | 86 -- .../etc-fail2ban/action.d/mail-whois-common.conf | 28 - .../etc-fail2ban/action.d/mail-whois-lines.conf | 92 -- .../fail2ban/etc-fail2ban/action.d/mail-whois.conf | 71 -- .../fail2ban/etc-fail2ban/action.d/mail.conf | 65 -- .../fail2ban/etc-fail2ban/action.d/mikrotik.conf | 84 -- .../etc-fail2ban/action.d/mynetwatchman.conf | 143 --- .../fail2ban/etc-fail2ban/action.d/netscaler.conf | 33 - .../etc-fail2ban/action.d/nftables-allports.conf | 17 - .../etc-fail2ban/action.d/nftables-common.local | 2 - .../etc-fail2ban/action.d/nftables-multiport.conf | 17 - .../fail2ban/etc-fail2ban/action.d/nftables.conf | 203 ----- .../etc-fail2ban/action.d/nginx-block-map.conf | 117 --- .../public/fail2ban/etc-fail2ban/action.d/npf.conf | 61 -- .../fail2ban/etc-fail2ban/action.d/nsupdate.conf | 114 --- .../fail2ban/etc-fail2ban/action.d/osx-afctl.conf | 16 - .../fail2ban/etc-fail2ban/action.d/osx-ipfw.conf | 87 -- .../public/fail2ban/etc-fail2ban/action.d/pf.conf | 128 --- .../fail2ban/etc-fail2ban/action.d/route.conf | 29 - .../etc-fail2ban/action.d/sendmail-buffered.conf | 99 -- .../etc-fail2ban/action.d/sendmail-common.conf | 77 -- .../action.d/sendmail-geoip-lines.conf | 59 -- .../action.d/sendmail-whois-ipjailmatches.conf | 41 - .../action.d/sendmail-whois-ipmatches.conf | 41 - .../action.d/sendmail-whois-lines.conf | 52 -- .../action.d/sendmail-whois-matches.conf | 41 - .../etc-fail2ban/action.d/sendmail-whois.conf | 40 - .../fail2ban/etc-fail2ban/action.d/sendmail.conf | 37 - .../action.d/shorewall-ipset-proto6.conf | 101 --- .../fail2ban/etc-fail2ban/action.d/shorewall.conf | 73 -- .../public/fail2ban/etc-fail2ban/action.d/smtp.py | 240 ----- .../action.d/symbiosis-blacklist-allports.conf | 60 -- .../public/fail2ban/etc-fail2ban/action.d/ufw.conf | 75 -- .../etc-fail2ban/action.d/xarf-login-attack.conf | 143 --- .../db/public/fail2ban/etc-fail2ban/fail2ban.conf | 92 -- .../fail2ban/etc-fail2ban/filter.d/3proxy.conf | 20 - .../etc-fail2ban/filter.d/apache-auth.conf | 71 -- .../etc-fail2ban/filter.d/apache-badbots.conf | 24 - .../etc-fail2ban/filter.d/apache-botsearch.conf | 39 - .../etc-fail2ban/filter.d/apache-common.conf | 44 - .../filter.d/apache-fakegooglebot.conf | 16 - .../etc-fail2ban/filter.d/apache-modsecurity.conf | 19 - .../etc-fail2ban/filter.d/apache-nohome.conf | 20 - .../etc-fail2ban/filter.d/apache-noscript.conf | 37 - .../etc-fail2ban/filter.d/apache-overflows.conf | 40 - .../etc-fail2ban/filter.d/apache-pass.conf | 19 - .../etc-fail2ban/filter.d/apache-shellshock.conf | 28 - .../fail2ban/etc-fail2ban/filter.d/assp.conf | 46 - .../fail2ban/etc-fail2ban/filter.d/asterisk.conf | 55 -- .../fail2ban/etc-fail2ban/filter.d/bitwarden.conf | 13 - .../etc-fail2ban/filter.d/botsearch-common.conf | 19 - .../fail2ban/etc-fail2ban/filter.d/centreon.conf | 9 - .../fail2ban/etc-fail2ban/filter.d/common.conf | 89 -- .../etc-fail2ban/filter.d/counter-strike.conf | 15 - .../etc-fail2ban/filter.d/courier-auth.conf | 21 - .../etc-fail2ban/filter.d/courier-smtp.conf | 22 - .../fail2ban/etc-fail2ban/filter.d/cyrus-imap.conf | 20 - .../fail2ban/etc-fail2ban/filter.d/dante.conf | 16 - .../etc-fail2ban/filter.d/directadmin.conf | 22 - .../etc-fail2ban/filter.d/domino-smtp.conf | 50 -- .../fail2ban/etc-fail2ban/filter.d/dovecot.conf | 50 -- .../fail2ban/etc-fail2ban/filter.d/dropbear.conf | 50 -- .../etc-fail2ban/filter.d/drupal-auth.conf | 26 - .../etc-fail2ban/filter.d/ejabberd-auth.conf | 40 - .../etc-fail2ban/filter.d/exim-common.conf | 51 -- .../fail2ban/etc-fail2ban/filter.d/exim-spam.conf | 50 -- .../fail2ban/etc-fail2ban/filter.d/exim.conf | 50 -- .../fail2ban/etc-fail2ban/filter.d/freeswitch.conf | 58 -- .../etc-fail2ban/filter.d/froxlor-auth.conf | 40 - .../fail2ban/etc-fail2ban/filter.d/gitlab.conf | 6 - .../fail2ban/etc-fail2ban/filter.d/grafana.conf | 9 - .../etc-fail2ban/filter.d/groupoffice.conf | 14 - .../fail2ban/etc-fail2ban/filter.d/gssftpd.conf | 18 - .../fail2ban/etc-fail2ban/filter.d/guacamole.conf | 51 -- .../etc-fail2ban/filter.d/haproxy-http-auth.conf | 37 - .../fail2ban/etc-fail2ban/filter.d/horde.conf | 16 - .../filter.d/ignorecommands/apache-fakegooglebot | 49 - .../fail2ban/etc-fail2ban/filter.d/kerio.conf | 24 - .../etc-fail2ban/filter.d/lighttpd-auth.conf | 10 - .../etc-fail2ban/filter.d/mongodb-auth.conf | 49 - .../fail2ban/etc-fail2ban/filter.d/monit.conf | 25 - .../fail2ban/etc-fail2ban/filter.d/monitorix.conf | 25 - .../fail2ban/etc-fail2ban/filter.d/mssql-auth.conf | 15 - .../fail2ban/etc-fail2ban/filter.d/murmur.conf | 34 - .../etc-fail2ban/filter.d/mysqld-auth.conf | 32 - .../fail2ban/etc-fail2ban/filter.d/nagios.conf | 17 - .../etc-fail2ban/filter.d/named-refused.conf | 53 -- .../etc-fail2ban/filter.d/nginx-bad-request.conf | 16 - .../etc-fail2ban/filter.d/nginx-botsearch.conf | 25 - .../etc-fail2ban/filter.d/nginx-error-common.conf | 32 - .../etc-fail2ban/filter.d/nginx-forbidden.conf | 29 - .../etc-fail2ban/filter.d/nginx-http-auth.conf | 43 - .../etc-fail2ban/filter.d/nginx-limit-req.conf | 56 -- .../public/fail2ban/etc-fail2ban/filter.d/nsd.conf | 31 - .../fail2ban/etc-fail2ban/filter.d/openhab.conf | 15 - .../etc-fail2ban/filter.d/openwebmail.conf | 15 - .../fail2ban/etc-fail2ban/filter.d/oracleims.conf | 63 -- .../etc-fail2ban/filter.d/pam-generic.conf | 33 - .../fail2ban/etc-fail2ban/filter.d/perdition.conf | 18 - .../etc-fail2ban/filter.d/php-url-fopen.conf | 23 - .../etc-fail2ban/filter.d/phpmyadmin-syslog.conf | 18 - .../fail2ban/etc-fail2ban/filter.d/portsentry.conf | 15 - .../fail2ban/etc-fail2ban/filter.d/postfix.conf | 81 -- .../fail2ban/etc-fail2ban/filter.d/proftpd.conf | 33 - .../fail2ban/etc-fail2ban/filter.d/pure-ftpd.conf | 40 - .../fail2ban/etc-fail2ban/filter.d/qmail.conf | 31 - .../fail2ban/etc-fail2ban/filter.d/recidive.conf | 51 -- .../etc-fail2ban/filter.d/roundcube-auth.conf | 39 - .../etc-fail2ban/filter.d/routeros-auth.conf | 10 - .../fail2ban/etc-fail2ban/filter.d/scanlogd.conf | 17 - .../etc-fail2ban/filter.d/screensharingd.conf | 31 - .../etc-fail2ban/filter.d/selinux-common.conf | 23 - .../etc-fail2ban/filter.d/selinux-ssh.conf | 27 - .../etc-fail2ban/filter.d/sendmail-auth.conf | 25 - .../etc-fail2ban/filter.d/sendmail-reject.conf | 68 -- .../fail2ban/etc-fail2ban/filter.d/sieve.conf | 18 - .../fail2ban/etc-fail2ban/filter.d/slapd.conf | 23 - .../etc-fail2ban/filter.d/softethervpn.conf | 9 - .../fail2ban/etc-fail2ban/filter.d/sogo-auth.conf | 22 - .../etc-fail2ban/filter.d/solid-pop3d.conf | 32 - .../fail2ban/etc-fail2ban/filter.d/squid.conf | 16 - .../etc-fail2ban/filter.d/squirrelmail.conf | 12 - .../filter.d/sshd-session-preauth.conf | 17 - .../filter.d/sshd-session-preauth.conf.bak | 3 - .../filter.d/sshd-session-preauth.local | 7 - .../fail2ban/etc-fail2ban/filter.d/sshd.conf | 139 --- .../fail2ban/etc-fail2ban/filter.d/sshd.local | 3 - .../fail2ban/etc-fail2ban/filter.d/stunnel.conf | 13 - .../fail2ban/etc-fail2ban/filter.d/suhosin.conf | 28 - .../fail2ban/etc-fail2ban/filter.d/tine20.conf | 24 - .../etc-fail2ban/filter.d/traefik-auth.conf | 76 -- .../etc-fail2ban/filter.d/uwimap-auth.conf | 17 - .../fail2ban/etc-fail2ban/filter.d/vsftpd.conf | 22 - .../etc-fail2ban/filter.d/webmin-auth.conf | 22 - .../fail2ban/etc-fail2ban/filter.d/wuftpd.conf | 22 - .../etc-fail2ban/filter.d/xinetd-fail.conf | 29 - .../etc-fail2ban/filter.d/znc-adminlog.conf | 34 - .../fail2ban/etc-fail2ban/filter.d/zoneminder.conf | 27 - straper/db/public/fail2ban/etc-fail2ban/jail.conf | 992 --------------------- .../fail2ban/etc-fail2ban/jail.d/99-sshd.local | 3 - .../etc-fail2ban/jail.d/defaults-debian.conf | 8 - .../etc-fail2ban/jail.d/sshd-session-preauth.local | 18 - .../public/fail2ban/etc-fail2ban/jail.d/sshd.local | 3 - .../fail2ban/etc-fail2ban/jail.d/sshd.local.bak | 5 - straper/db/public/fail2ban/etc-fail2ban/jail.local | 21 - .../public/fail2ban/etc-fail2ban/paths-arch.conf | 32 - .../public/fail2ban/etc-fail2ban/paths-common.conf | 93 -- .../public/fail2ban/etc-fail2ban/paths-debian.conf | 41 - .../fail2ban/etc-fail2ban/paths-opensuse.conf | 38 - 181 files changed, 9333 deletions(-) delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/abuseipdb.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/apf.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/apprise.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/blocklist_de.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/bsd-ipfw.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/complain.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/dshield.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/dummy.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-allports.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-ipset.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-multiport.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-new.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-logging.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/firewallcmd-rich-rules.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/helpers-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/hostsdeny.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/ipfilter.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/ipfw.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-allports.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-ipset-proto4.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-ipset-proto6-allports.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-ipset-proto6.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-ipset.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-multiport-log.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-multiport.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-new.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables-xt_recent-echo.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/iptables.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/ipthreat.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mail-buffered.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mail-whois-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mail-whois-lines.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mail-whois.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mikrotik.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/mynetwatchman.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/netscaler.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nftables-allports.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nftables-common.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nftables-multiport.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nftables.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nginx-block-map.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/npf.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/nsupdate.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/osx-afctl.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/osx-ipfw.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/pf.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/route.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-buffered.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-whois-ipjailmatches.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-whois-ipmatches.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-whois-lines.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-whois-matches.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-whois.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/shorewall-ipset-proto6.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/shorewall.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/smtp.py delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/symbiosis-blacklist-allports.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/ufw.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/xarf-login-attack.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/fail2ban.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/3proxy.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-badbots.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-botsearch.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-fakegooglebot.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-modsecurity.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-nohome.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-noscript.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-overflows.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-pass.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/apache-shellshock.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/assp.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/asterisk.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/bitwarden.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/botsearch-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/centreon.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/counter-strike.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/courier-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/courier-smtp.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/cyrus-imap.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/dante.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/directadmin.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/domino-smtp.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/dovecot.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/dropbear.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/drupal-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/ejabberd-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/exim-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/exim-spam.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/exim.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/freeswitch.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/froxlor-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/gitlab.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/grafana.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/groupoffice.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/gssftpd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/guacamole.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/haproxy-http-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/horde.conf delete mode 100755 straper/db/public/fail2ban/etc-fail2ban/filter.d/ignorecommands/apache-fakegooglebot delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/kerio.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/lighttpd-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/mongodb-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/monit.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/monitorix.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/mssql-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/murmur.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/mysqld-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nagios.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/named-refused.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-bad-request.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-botsearch.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-error-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-forbidden.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-http-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nginx-limit-req.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/nsd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/openhab.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/openwebmail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/oracleims.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/pam-generic.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/perdition.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/php-url-fopen.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/phpmyadmin-syslog.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/portsentry.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/postfix.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/proftpd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/pure-ftpd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/qmail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/recidive.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/roundcube-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/routeros-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/scanlogd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/screensharingd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/selinux-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/selinux-ssh.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sendmail-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sendmail-reject.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sieve.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/slapd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/softethervpn.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sogo-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/solid-pop3d.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/squid.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/squirrelmail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sshd-session-preauth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sshd-session-preauth.conf.bak delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sshd-session-preauth.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sshd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/sshd.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/stunnel.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/suhosin.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/tine20.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/traefik-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/uwimap-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/vsftpd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/webmin-auth.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/wuftpd.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/xinetd-fail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/znc-adminlog.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/filter.d/zoneminder.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/99-sshd.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/defaults-debian.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd.local.bak delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.local delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/paths-arch.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/paths-common.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/paths-debian.conf delete mode 100644 straper/db/public/fail2ban/etc-fail2ban/paths-opensuse.conf (limited to 'straper/db/public/fail2ban') diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/abuseipdb.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/abuseipdb.conf deleted file mode 100644 index ed958c8..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/abuseipdb.conf +++ /dev/null @@ -1,104 +0,0 @@ -# Fail2ban configuration file -# -# Action to report IP address to abuseipdb.com -# You must sign up to obtain an API key from abuseipdb.com. -# -# NOTE: These reports may include sensitive Info. -# If you want cleaner reports that ensure no user data see the helper script at the below website. -# -# IMPORTANT: -# -# Reporting an IP of abuse is a serious complaint. Make sure that it is -# serious. Fail2ban developers and network owners recommend you only use this -# action for: -# * The recidive where the IP has been banned multiple times -# * Where maxretry has been set quite high, beyond the normal user typing -# password incorrectly. -# * For filters that have a low likelihood of receiving human errors -# -# This action relies on a api_key being added to the above action conf, -# and the appropriate categories set. -# -# Example, for ssh bruteforce (in section [sshd] of `jail.local`): -# action = %(known/action)s -# abuseipdb[abuseipdb_apikey="my-api-key", abuseipdb_category="18,22"] -# -# See below for categories. -# -# Added to fail2ban by Andrew James Collett (ajcollett) - -## abuseIPDB Categories, `the abuseipdb_category` MUST be set in the jail.conf action call. -# Example, for ssh bruteforce: action = %(action_abuseipdb)s[abuseipdb_category="18,22"] -# ID Title Description -# 3 Fraud Orders -# 4 DDoS Attack -# 9 Open Proxy -# 10 Web Spam -# 11 Email Spam -# 14 Port Scan -# 18 Brute-Force -# 19 Bad Web Bot -# 20 Exploited Host -# 21 Web App Attack -# 22 SSH Secure Shell (SSH) abuse. Use this category in combination with more specific categories. -# 23 IoT Targeted -# See https://abuseipdb.com/categories for more descriptions - -[Definition] - -# bypass action for restored tickets -norestored = 1 - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# -# ** IMPORTANT! ** -# -# By default, this posts directly to AbuseIPDB's API, unfortunately -# this results in a lot of backslashes/escapes appearing in the -# reports. This also may include info like your hostname. -# If you have your own web server with PHP available, you can -# use my (Shaun's) helper PHP script by commenting out the first #actionban -# line below, uncommenting the second one, and pointing the URL at -# wherever you install the helper script. For the PHP helper script, see -# -# -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionban = lgm=$(printf '%%.1000s\n...' ""); curl -sSf "https://api.abuseipdb.com/api/v2/report" -H "Accept: application/json" -H "Key: " --data-urlencode "comment=$lgm" --data-urlencode "ip=" --data "categories=" - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionunban = - -[Init] -# Option: abuseipdb_apikey -# Notes Your API key from abuseipdb.com -# Values: STRING Default: None -# Register for abuseipdb [https://www.abuseipdb.com], get api key and set below. -# You will need to set the category in the action call. -abuseipdb_apikey = diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/apf.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/apf.conf deleted file mode 100644 index 5c4a261..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/apf.conf +++ /dev/null @@ -1,25 +0,0 @@ -# Fail2Ban configuration file -# https://www.rfxn.com/projects/advanced-policy-firewall/ -# -# Note: APF doesn't play nicely with other actions. It has been observed to -# remove bans created by other iptables based actions. If you are going to use -# this action, use it for all of your jails. -# -# DON'T MIX APF and other IPTABLES based actions -[Definition] - -actionstart = -actionstop = -actioncheck = -actionban = apf --deny "banned by Fail2Ban " -actionunban = apf --remove - -[Init] - -# Name used in APF configuration -# -name = default - -# DEV NOTES: -# -# Author: Mark McKinstry diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/apprise.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/apprise.conf deleted file mode 100644 index 37c42ea..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/apprise.conf +++ /dev/null @@ -1,49 +0,0 @@ -# Fail2Ban configuration file -# -# Author: Chris Caron -# -# - -[Definition] - -# Option: actionstart -# Notes.: command executed once at the start of Fail2Ban. -# Values: CMD -# -actionstart = printf %%b "The jail as been started successfully." | -t "[Fail2Ban] : started on `uname -n`" - -# Option: actionstop -# Notes.: command executed once at the end of Fail2Ban -# Values: CMD -# -actionstop = printf %%b "The jail has been stopped." | -t "[Fail2Ban] : stopped on `uname -n`" - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionban = printf %%b "The IP has just been banned by Fail2Ban after attempts against " | -n "warning" -t "[Fail2Ban] : banned from `uname -n`" - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionunban = - -[Init] - -# Define location of the default apprise configuration file to use -# -config = /etc/fail2ban/apprise.conf -# -apprise = apprise -c "" diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/blocklist_de.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/blocklist_de.conf deleted file mode 100644 index ba6d427..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/blocklist_de.conf +++ /dev/null @@ -1,84 +0,0 @@ -# Fail2Ban configuration file -# -# Author: Steven Hiscocks -# -# - -# Action to report IP address to blocklist.de -# Blocklist.de must be signed up to at www.blocklist.de -# Once registered, one or more servers can be added. -# This action requires the server 'email address' and the associated apikey. -# -# From blocklist.de: -# www.blocklist.de is a free and voluntary service provided by a -# Fraud/Abuse-specialist, whose servers are often attacked on SSH-, -# Mail-Login-, FTP-, Webserver- and other services. -# The mission is to report all attacks to the abuse departments of the -# infected PCs/servers to ensure that the responsible provider can inform -# the customer about the infection and disable them -# -# IMPORTANT: -# -# Reporting an IP of abuse is a serious complaint. Make sure that it is -# serious. Fail2ban developers and network owners recommend you only use this -# action for: -# * The recidive where the IP has been banned multiple times -# * Where maxretry has been set quite high, beyond the normal user typing -# password incorrectly. -# * For filters that have a low likelihood of receiving human errors -# - -[Definition] - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionban = curl --fail --data-urlencode "server=" --data "apikey=" --data "service=" --data "ip=" --data-urlencode "logs=
" --data 'format=text' --user-agent "" "https://www.blocklist.de/en/httpreports.html" - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionunban = - -# Option: email -# Notes server email address, as per blocklist.de account -# Values: STRING Default: None -# -#email = - -# Option: apikey -# Notes your user blocklist.de user account apikey -# Values: STRING Default: None -# -#apikey = - -# Option: service -# Notes service name you are reporting on, typically aligns with filter name -# see http://www.blocklist.de/en/httpreports.html for full list -# Values: STRING Default: None -# -#service = diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/bsd-ipfw.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/bsd-ipfw.conf deleted file mode 100644 index d002945..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/bsd-ipfw.conf +++ /dev/null @@ -1,94 +0,0 @@ -# Fail2Ban configuration file -# -# Author: Nick Munger -# Modified by: Ken Menzel -# Daniel Black (start/stop) -# Fabian Wenk (many ideas as per fail2ban users list) -# -# Ensure firewall_enable="YES" in the top of /etc/rc.conf -# - -[Definition] - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = ipfw show | fgrep -c -m 1 -s 'table()' > /dev/null 2>&1 || ( - num=$(ipfw show | awk 'BEGIN { b = } { if ($1 == b) { b = $1 + 1 } } END { print b }'); - ipfw -q add "$num" from table\(
\) to me ; echo "$num" > "" - ) - - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = [ ! -f ] || ( read num < ""
ipfw -q delete $num
rm "" ) - - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -# requires an ipfw rule like "deny ip from table(1) to me" -actionban = e=`ipfw table
add 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XADD): File exists' ] || echo "$e" | grep -q "record already exists" || { echo "$e" 1>&2; exit $x; } - - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionunban = e=`ipfw table
delete 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process' ] || echo "$e" | grep -q "record not found" || { echo "$e" 1>&2; exit $x; } - -[Init] -# Option: table -# Notes: The ipfw table to use. If a ipfw rule using this table already exists, -# this action will not create a ipfw rule to block it and the following -# options will have no effect. -# Values: NUM -table = 1 - -# Option: port -# Notes.: Specifies port to monitor. Blank indicate block all ports. -# Values: [ NUM | STRING ] -# -port = - -# Option: startstatefile -# Notes: A file to indicate that the table rule that was added. Ensure it is unique per table. -# Values: STRING -startstatefile = /var/run/fail2ban/ipfw-started-table_
- -# Option: block -# Notes: This is how much to block. -# Can be "ip", "tcp", "udp" or various other options. -# Values: STRING -block = ip - -# Option: blocktype -# Notes.: How to block the traffic. Use a action from man 5 ipfw -# Common values: deny, unreach port, reset -# ACTION definition at the top of man ipfw for allowed values. -# Values: STRING -# -blocktype = unreach port - -# Option: lowest_rule_num -# Notes: When fail2ban starts with action and there is no rule for the given table yet -# then fail2ban will start looking for an empty slot starting with this rule number. -# Values: NUM -lowest_rule_num = 111 - - diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf deleted file mode 100644 index ff5f5c4..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/cloudflare-token.conf +++ /dev/null @@ -1,93 +0,0 @@ -# -# Author: Logic-32 -# -# IMPORTANT -# -# Please set jail.local's permission to 640 because it contains your CF API token. -# -# This action depends on curl. -# -# To get your Cloudflare API token: https://developers.cloudflare.com/api/tokens/create/ -# -# Cloudflare Firewall API: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/endpoints/ - -[Definition] - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: IP address -# number of failures -#
-_nft_get_handle_id = grep -oP '@\s+.*\s+\Khandle\s+(\d+)$' - -_nft_add_set = add set
\{ type \; flags interval\; \} - <_nft_for_proto--iter> - add rule
%(rule_stat)s - <_nft_for_proto--done> -_nft_del_set = { %(_nft_list)s | %(_nft_get_handle_id)s; } | while read -r hdl; do - delete rule
$hdl; done - delete set
- -# Option: _nft_shutdown_table -# Notes.: command executed after the stop in order to delete table (it checks that no sets are available): -# Values: CMD -# -_nft_shutdown_table = { list table
| grep -qP '^\s+set\s+'; } || { - delete table
- } - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -actionstart = add table
- -- add chain
\{ type hook priority \; \} - %(_nft_add_set)s - -# Option: actionflush -# Notes.: command executed once to flush IPS, by shutdown (resp. by stop of the jail or this action); -# uses `nft flush set ...` and as fallback (e. g. unsupported) recreates the set (with references) -# Values: CMD -# -actionflush = { flush set
2> /dev/null; } || { - %(_nft_del_set)s - %(_nft_add_set)s - } - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -actionstop = %(_nft_del_set)s - <_nft_shutdown_table> - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = list chain
| grep -q '@[ \t]' - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionban = add element
\{ \} - -# Option: actionunban -# Notes.: command executed when unbanning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: See jail.conf(5) man page -# Values: CMD -# -actionunban = delete element
\{ \} - -[Init] - -# Option: table -# Notes.: main table to store chain and sets (automatically created on demand) -# Values: STRING Default: f2b-table -table = f2b-table - -# Option: table_family -# Notes.: address family to work in -# Values: [ip | ip6 | inet] Default: inet -table_family = inet - -# Option: chain -# Notes.: main chain to store rules -# Values: STRING Default: f2b-chain -chain = f2b-chain - -# Option: chain_type -# Notes.: refers to the kind of chain to be created -# Values: [filter | route | nat] Default: filter -# -chain_type = filter - -# Option: chain_hook -# Notes.: refers to the kind of chain to be created -# Values: [ prerouting | input | forward | output | postrouting ] Default: input -# -chain_hook = input - -# Option: chain_priority -# Notes.: priority in the chain. -# Values: NUMBER Default: -1 -# -chain_priority = -1 - -# Option: addr_type -# Notes.: address type to work with -# Values: [ipv4_addr | ipv6_addr] Default: ipv4_addr -# -addr_type = ipv4_addr - -# Default name of the filtering set -# -name = default - -# Option: port -# Notes.: specifies port to monitor -# Values: [ NUM | STRING ] Default: -# -port = ssh - -# Option: protocol -# Notes.: internally used by config reader for interpolations. -# Values: [ tcp | udp ] Default: tcp -# -protocol = tcp - -# Option: blocktype -# Note: This is what the action does with rules. This can be any jump target -# as per the nftables man page (section 8). Common values are drop, -# reject, reject with icmpx type host-unreachable, redirect to 2222 -# Values: STRING -blocktype = reject - -# Option: nftables -# Notes.: Actual command to be executed, including common to all calls options -# Values: STRING -nftables = nft - -# Option: addr_set -# Notes.: The name of the nft set used to store banned addresses -# Values: STRING -addr_set = addr-set- - -# Option: addr_family -# Notes.: The family of the banned addresses -# Values: [ ip | ip6 ] -addr_family = ip - -[Init?family=inet6] -addr_family = ip6 -addr_type = ipv6_addr -addr_set = addr6-set- diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/nginx-block-map.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/nginx-block-map.conf deleted file mode 100644 index 0de382b..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/nginx-block-map.conf +++ /dev/null @@ -1,117 +0,0 @@ -# Fail2Ban configuration file for black-listing via nginx -# -# Author: Serg G. Brester (aka sebres) -# -# To use 'nginx-block-map' action you should define some special blocks in your nginx configuration, -# and use it hereafter in your locations (to notify fail2ban by failure, resp. nginx by ban). -# -# Example (argument "token_id" resp. cookie "session_id" used here as unique identifier for user): -# -# http { -# ... -# # maps to check user is blacklisted (banned in f2b): -# #map $arg_token_id $blck_lst_tok { include blacklisted-tokens.map; } -# map $cookie_session_id $blck_lst_ses { include blacklisted-sessions.map; } -# ... -# # special log-format to notify fail2ban about failures: -# log_format f2b_session_errors '$msec failure "$cookie_session_id" - $remote_addr - $remote_user ' -# ;# '"$request" $status $bytes_sent ' -# # '"$http_referer" "$http_user_agent"'; -# -# # location checking blacklisted values: -# location ... { -# # check banned sessionid: -# if ($blck_lst_ses != "") { -# try_files "" @f2b-banned; -# } -# ... -# # notify fail2ban about a failure inside nginx: -# error_page 401 = @notify-f2b; -# ... -# } -# ... -# # location for return with "403 Forbidden" if banned: -# location @f2b-banned { -# default_type text/html; -# return 403 "
-# -# You are banned!
"; -# } -# ... -# # location to notify fail2ban about a failure inside nginx: -# location @notify-f2b { -# access_log /var/log/nginx/f2b-auth-errors.log f2b_session_errors; -# } -# } -# ... -# -# Note that quote-character (and possibly other special characters) are not allowed currently as session-id. -# Thus please add any session-id validation rule in your locations (or in the corresponding backend-service), -# like in example below: -# -# location ... { -# if ($cookie_session_id !~ "^[\w\-]+$") { -# return 403 "Wrong session-id" -# } -# ... -# } -# -# The parameters for jail corresponding log-format (f2b_session_errors): -# -# [nginx-blck-lst] -# filter = -# datepattern = ^Epoch -# failregex = ^ failure "[^"]+" - -# usedns = no -# -# The same log-file can be used for IP-related jail (additionally to session-related, to ban very bad IPs): -# -# [nginx-blck-ip] -# maxretry = 100 -# filter = -# datepattern = ^Epoch -# failregex = ^ failure "[^"]+" - -# usedns = no -# - -[Definition] - -# path to configuration of nginx (used to target nginx-instance in multi-instance system, -# and as path for the blacklisted map): -srv_cfg_path = /etc/nginx/ - -# cmd-line arguments to supply to test/reload nginx: -#srv_cmd = nginx -c %(srv_cfg_path)s/nginx.conf -srv_cmd = nginx - -# pid file (used to check nginx is running): -srv_pid = /run/nginx.pid - -# command used to check whether nginx is running and configuration is valid: -srv_is_running = [ -f "%(srv_pid)s" ] -srv_check_cmd = %(srv_is_running)s && %(srv_cmd)s -qt - -# first test nginx is running and configuration is correct, hereafter send reload signal: -blck_lst_reload = %(srv_check_cmd)s; if [ $? -eq 0 ]; then - %(srv_cmd)s -s reload; if [ $? -ne 0 ]; then echo 'reload failed.'; fi; - fi; - -# map-file for nginx, can be redefined using `action = nginx-block-map[blck_lst_file="/path/file.map"]`: -blck_lst_file = %(srv_cfg_path)s/blacklisted-sessions.map - -# Action definition: - -actionstart_on_demand = false -actionstart = touch '%(blck_lst_file)s' - -actionflush = truncate -s 0 '%(blck_lst_file)s'; %(blck_lst_reload)s - -actionstop = %(actionflush)s - -actioncheck = - -_echo_blck_row = printf '\%%s 1;\n' "" - -actionban = %(_echo_blck_row)s >> '%(blck_lst_file)s'; %(blck_lst_reload)s - -actionunban = id=$(%(_echo_blck_row)s | sed -e 's/[]\/$*.^|[]/\\&/g'); sed -i "/^$id$/d" %(blck_lst_file)s; %(blck_lst_reload)s diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/npf.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/npf.conf deleted file mode 100644 index 3bbb2f5..0000000 --- a/straper/db/public/fail2ban/etc-fail2ban/action.d/npf.conf +++ /dev/null @@ -1,61 +0,0 @@ -# Fail2Ban configuration file -# -# NetBSD npf ban/unban -# -# Author: Nils Ratusznik -# Based on pf.conf action file -# - -[Definition] - -# Option: actionstart -# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). -# Values: CMD -# -# we don't enable NPF automatically, as it will be enabled elsewhere -actionstart = - - -# Option: actionstop -# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -# Values: CMD -# -# we don't disable NPF automatically either -actionstop = - - -# Option: actioncheck -# Notes.: command executed once before each actionban command -# Values: CMD -# -actioncheck = - - -# Option: actionban -# Notes.: command executed when banning an IP. Take care that the -# command is executed with Fail2Ban user rights. -# Tags: IP address -# number of failures -#