From 3f64d298991c2f5cf45f0e780c29c854f1d43078 Mon Sep 17 00:00:00 2001
From: Alex 'AdUser' Z
Date: Thu, 17 Mar 2016 21:15:53 +1000
Subject: [PATCH] * split config
---
 .../conf-available/10-backend-exec-ipset.conf | 10 ++++++++
 docs/conf-available/15-filter-pcre.conf | 5 ++++
 docs/conf-available/15-filter-preg.conf | 3 +++
 docs/f2b.conf.sample | 23 +------------------
 4 files changed, 19 insertions(+), 22 deletions(-)
 create mode 100644 docs/conf-available/10-backend-exec-ipset.conf
 create mode 100644 docs/conf-available/15-filter-pcre.conf
 create mode 100644 docs/conf-available/15-filter-preg.conf
diff --git a/docs/conf-available/10-backend-exec-ipset.conf b/docs/conf-available/10-backend-exec-ipset.conf
new file mode 100644
index 0000000..2c7fbc0
--- /dev/null
+++ b/docs/conf-available/10-backend-exec-ipset.conf
@@ -0,0 +1,10 @@
+[backend:exec-ipset]
+load = libf2b_backend_exec.so
+start = /sbin/ipset -! create hash:ip
+start = /sbin/iptables -I INPUT -m set --match-set src -j DROP
+stop = /sbin/iptables -D INPUT -m set --match-set src -j DROP
+stop = /sbin/ipset -! destroy
+ban = /sbin/ipset -! add
+check = /sbin/ipset -! test
+unban = /sbin/ipset -! del
+timeout = 2
diff --git a/docs/conf-available/15-filter-pcre.conf b/docs/conf-available/15-filter-pcre.conf
new file mode 100644
index 0000000..d090d69
--- /dev/null
+++ b/docs/conf-available/15-filter-pcre.conf
@@ -0,0 +1,5 @@
+[filter:pcre]
+load = libf2b_filter_pcre.so
+icase = no
+study = yes
+usejit = no
diff --git a/docs/conf-available/15-filter-preg.conf b/docs/conf-available/15-filter-preg.conf
new file mode 100644
index 0000000..a764326
--- /dev/null
+++ b/docs/conf-available/15-filter-preg.conf
@@ -0,0 +1,3 @@
+[filter:preg]
+load = libf2b_filter_preg.so
+icase = no
diff --git a/docs/f2b.conf.sample b/docs/f2b.conf.sample
index 5fd0f26..0edd7b7 100644
--- a/docs/f2b.conf.sample
+++ b/docs/f2b.conf.sample
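Review bot: In docs/conf-available/10-backend-exec-ipset.conf the `start`/`stop` pair drives only `/sbin/iptables` and a `hash:ip` set created without a family option, so as written this backend covers IPv4 only and an IPv6 source would presumably never be blocked. I would state that at the top of the file, e.g. `; IPv4 only: IPv6 sources need a separate set (family inet6) and an ip6tables rule`. The DROP rule is also inserted at the head of INPUT with `-I`, ahead of any accept rule for management addresses, so a short comment that a matching log line can lock out an administrator's own address is worth adding. As rendered on this page the ipset/iptables commands show no set name or address argument; if placeholders were lost in extraction that is a page artefact, otherwise the commands are incomplete.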
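Review bot: The `[filter:pcre]` section in docs/conf-available/15-filter-pcre.conf is not a verbatim move: the block removed from docs/f2b.conf.sample has `study = no`, while the new file has `study = yes`. A commit titled "split config" should not change a default silently; either keep `study = no` here or mention the change in the commit message. A one-line `;` comment on what `study` and `usejit` control would also help, since neither option is explained in the file.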
@@ -1,5 +1,5 @@
 [main]
-includes = /etc/f2b/conf.d
+includes = /etc/f2b/conf-enabled
 pidfile = /var/run/f2b.pid
 logdest = syslog
 loglevel = info
@@ -19,27 +19,6 @@ source = files:/var/log/messages
 ; filter = preg:/etc/f2b/filters/$someservice.preg
 backend = exec-ipset:banned
-[filter:preg]
-load = libf2b_filter_preg.so
-icase = no
-
-[filter:pcre]
-load = libf2b_filter_pcre.so
-icase = no
-study = no
-usejit = no
-
-[backend:exec-ipset]
-load = libf2b_backend_exec.so
-start = /sbin/ipset -! create hash:ip
-start = /sbin/iptables -I INPUT -m set --match-set src -j DROP
-stop = /sbin/iptables -D INPUT -m set --match-set src -j DROP
-stop = /sbin/ipset -! destroy
-ban = /sbin/ipset -! add
-check = /sbin/ipset -! test
-unban = /sbin/ipset -! del
-timeout = 2
-
 [jail:ssh]
 source = files:/var/log/auth.log
 filter = preg:/etc/f2b/filters/ssh.preg
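Review bot: After the switch to `includes = /etc/f2b/conf-enabled` in the first hunk of docs/f2b.conf.sample, the sample still sets `backend = exec-ipset:banned` while the `[backend:exec-ipset]` section now exists only under docs/conf-available/. A fresh install that copies the sample therefore has no backend definition until that file is linked or copied into conf-enabled; how the daemon reacts is not visible here, but bans would presumably not be enforced. I would add a comment above the line such as `; enable modules by linking files from conf-available into this directory`. Because files in that directory name shared objects to `load` and the commands the exec backend runs, it is also worth stating that the directory and the link targets must not be writable by unprivileged users.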