aboutsummaryrefslogtreecommitdiff
path: root/straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local
blob: a2b9f78a3a6e2f61b6f8f5498bb913ab8438a167 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[sshd-session-preauth]
enabled  = true
backend  = systemd
filter   = sshd-session-preauth
# journal match: use the unit and/or the SYSLOG_IDENTIFIER seen in logs
journalmatch = _SYSTEMD_UNIT=ssh.service + SYSLOG_IDENTIFIER=sshd-session

# Your SSH is on 57385; Fail2ban does not need it for matching, but does for actions:
port     = 57385
mode     = aggressive

# Thresholds (safe defaults; adjust later)
findtime = 10m
maxretry = 5
bantime  = 24h

# nftables action (single-IP bans)
banaction = nftables