Ticket #38961: pf-icefloor.conf

File pf-icefloor.conf, 1.5 KB (added by fclaire@…, 11 years ago)
# Fail2Ban configuration file
#
# Author: Francois Claire
# Modified by:
#
# $Revision$
#

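[Definition]

# Commands Fail2Ban runs for this action. <anchor> and <pftable> are filled
# in from the [Init] section of this file; <ip> is supplied by Fail2Ban.
# Every command here calls /sbin/pfctl to change pf state, which normally
# requires root, so a Fail2Ban server running unprivileged will fail to ban.

# Option:  actionstart
# Notes.:  command executed once at the start of Fail2Ban.
#          Left empty: this action creates neither the anchor nor the table
#          and relies on IceFloor having loaded them already.
# Values:  CMD
#
actionstart =


# Option:  actionstop
# Notes.:  command executed once at the end of Fail2Ban.
#          Left empty: no table flush is issued here; entries are removed
#          only through actionunban.
# Values:  CMD
#
actionstop =


# Option:  actioncheck
# Notes.:  command executed once before each actionban command.
#          Left empty: nothing verifies that the anchor is loaded or that a
#          rule references the table. pfctl creates a missing table on
#          "-T add", so a ban can succeed without blocking anything if the
#          ruleset does not use <pftable> -- confirm against the loaded rules.
# Values:  CMD
#
actioncheck =


# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    <ip>  IP address
#          <failures>  number of failures (not used by this command)
#          <time>  unix timestamp of the ban time (not used by this command)
# Values:  CMD
#
# Adds the IP address to the IceFloor firewall "bruteforce" table
# and kills the state entries of connections already established from
# this IP. Because the two commands are joined with &&, states are killed
# only when the table update succeeded.
actionban = /sbin/pfctl -a <anchor> -t <pftable> -T add <ip> && /sbin/pfctl -k <ip>


# Option:  actionunban
# Notes.:  command executed when unbanning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    <ip>  IP address
#          <failures>  number of failures (not used by this command)
#          <time>  unix timestamp of the ban time (not used by this command)
# Values:  CMD
#
# Removes the IP address from the same anchor and table used by actionban.
actionunban = /sbin/pfctl -a <anchor> -t <pftable> -T delete <ip>
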
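[Init]

# Default values for the <anchor> and <pftable> tags used in the
# [Definition] commands. Both are substituted unquoted into a shell command
# line, so keep them to plain names without spaces or shell metacharacters.

# Option:  anchor
# Notes.:  specifies pf anchor. We use IceFloor's main anchor.
#          Must match the anchor name IceFloor actually loads; the pfctl
#          calls address the table inside this anchor only.
# Values:  STRING
#
anchor = 800.icefloor

# Option:  pftable
# Notes.:  the table used to block IPs. We use IceFloor's bruteforce table.
#          Presumably an IceFloor rule blocks traffic from this table --
#          verify in the loaded ruleset, since adding an address to a table
#          that no rule references has no blocking effect.
# Values:  STRING
#
pftable = bruteforce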