[main]
includes = /etc/f2b/conf.d
pidfile = /var/run/f2b.pid
logdest = syslog
loglevel = info
logfile = /var/log/f2b.log
user = root
group = root
daemon = yes

[defaults]
backend = exec-ipset:banned

[filter:preg]
load  = libf2b_filter_preg.so

[backend:exec-ipset]
load  = libf2b_backend_exec.so
start = /sbin/ipset -! create  <ID> hash:ip
start = /sbin/iptables -I INPUT -m set --match-set <ID> -j DROP
stop  = /sbin/iptables -D INPUT -m set --match-set <ID> -j DROP
stop  = /sbin/ipset -! destroy <ID>
ban   = /sbin/ipset -! add     <ID> <IP>
check = /sbin/ipset -! test    <ID> <IP>
unban = /sbin/ipset -! del     <ID> <IP>
timeout = 2

[jail:ssh]
source  = files:/var/log/*.log
filter  = preg:filters/ssh.preg