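; Daemon-wide settings for f2b.
[main]
; Directory of additional config fragments. Anything placed here can define
; jails and backend commands that run with the daemon's privileges, so keep
; the directory root-owned and not group- or world-writable.
includes = /etc/f2b/conf.d
pidfile = /var/run/f2b.pid
; Log destination. With syslog selected, the logfile key below is presumably
; only used when logdest is switched to a file target; confirm against the
; f2b documentation.
logdest = syslog
loglevel = info
logfile = /var/log/f2b.log
; The daemon runs as root. The exec backend in this file calls ipset and
; iptables, which need root or CAP_NET_ADMIN. The process also parses log
; lines whose content remote clients can influence, so a parsing flaw would
; be exposed at this privilege level.
user = root
group = root
daemon = yes
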
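; Values presumably inherited by every [jail:*] section unless it overrides them.
[defaults]
; Jails are off by default. A jail that does not set enabled = yes itself
; (such as [jail:ssh] in this file) presumably stays inactive.
enabled = no
; With incr_ban off, repeat offenders presumably get the same bantime every time.
incr_ban = no
; bantime and findtime are presumably in seconds (3600 = 1 hour, 300 = 5 minutes).
; A source is banned after maxretry matches within findtime.
bantime = 3600
findtime = 300
maxretry = 5
source = files:/var/log/messages
; Template only: each jail is expected to set its own filter path.
; filter = preg:/etc/f2b/filters/$someservice.preg
; The part after the colon ("banned") is presumably what replaces <ID> in the
; backend commands, i.e. the name of the ipset set.
backend = exec-ipset:banned
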
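; Filter module, selected by the "preg:" prefix in a filter key.
[filter:preg]
; Shared object loaded into the daemon process, which [main] runs as root.
; No absolute path is given, so the module search directory must be
; root-owned and not writable by other users.
load = libf2b_filter_preg.so
; no = patterns match case-sensitively.
icase = no
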
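; Alternative filter module, presumably selected by a "pcre:" prefix in a filter key.
[filter:pcre]
; Shared object loaded into the daemon process, which [main] runs as root.
; No absolute path is given, so the module search directory must be
; root-owned and not writable by other users.
load = libf2b_filter_pcre.so
; no = patterns match case-sensitively.
icase = no
; study and usejit presumably toggle PCRE pattern study and JIT compilation;
; both are off here. Confirm against the f2b documentation.
study = no
usejit = no
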
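; Backend that bans by running external commands. <ID> and <IP> are
; placeholders filled in by f2b. <IP> comes from log lines matched by the
; jail's filter, so filter patterns should capture nothing but the address.
[backend:exec-ipset]
load = libf2b_backend_exec.so
; start and stop are repeated keys. This relies on f2b collecting them and
; running them in file order; a last-wins INI parser would keep only one.
; "-!" makes ipset ignore "already exists" / "does not exist" errors.
; NOTE: hash:ip defaults to family inet and iptables filters IPv4 only, so
; IPv6 sources are not blocked by this backend. Covering them needs a second
; set created with "family inet6" and a matching ip6tables rule.
start = /sbin/ipset -! create <ID> hash:ip
; -I INPUT inserts the DROP rule at the top of the chain, ahead of any
; existing ACCEPT rules. Make sure management addresses cannot end up in the
; set, or place an allow rule before this one.
start = /sbin/iptables -I INPUT -m set --match-set <ID> src -j DROP
; Teardown in reverse order: remove the rule first, then destroy the set.
stop = /sbin/iptables -D INPUT -m set --match-set <ID> src -j DROP
stop = /sbin/ipset -! destroy <ID>
ban = /sbin/ipset -! add <ID> <IP>
check = /sbin/ipset -! test <ID> <IP>
unban = /sbin/ipset -! del <ID> <IP>
; Presumably the per-command time limit in seconds; confirm against the f2b docs.
timeout = 2
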
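; SSH jail. It sets no "enabled" key, so with enabled = no in [defaults] it
; presumably stays inactive until enabled = yes is added here.
[jail:ssh]
; Debian-style auth log path; some distributions write sshd messages to a
; different file (for example /var/log/secure).
source = files:/var/log/auth.log
; The patterns in this file decide which addresses get banned. Keep it
; root-owned and review changes to it like firewall rule changes.
filter = preg:/etc/f2b/filters/ssh.preg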