| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 |
- [DEFAULT]
- ignoreip = 127.0.0.1 {{ ansible_default_ipv4.address }} {{ ' '.join(friendly_networks) }}
- bantime = 86400
- destemail = {{ admin_email }}
- banaction = iptables-multiport
- action = %(action_)s
-
- # JAILS
- [sshd]
- enabled = true
- maxretry = 3
-
- [pam-generic]
- enabled = true
- banaction = iptables-allports
-
- [sshd-ddos]
- enabled = true
-
- [apache-auth]
- enabled = true
-
- [apache-badbots]
- enabled = true
-
- [apache-botsearch]
- enabled = true
-
- [apache-common]
- enabled = true
-
- [apache-fakegooglebot]
- enabled = true
-
- [apache-modsecurity]
- enabled = true
-
- [apache-nohome]
- enabled = true
-
- [apache-noscript]
- enabled = true
-
- [apache-overflows]
- enabled = true
-
- [apache-pass]
- enabled = true
-
- [apache-shellshock]
- enabled = true
-
- [postfix]
- enabled = true
- maxretry = 1
-
- [dovecot-pop3imap]
- enabled = true
- filter = dovecot-pop3imap
- action = iptables-multiport[name=dovecot-pop3imap, port="pop3,imap,993,995", protocol=tcp]
- logpath = /var/log/mail.log
- maxretry = 20
- findtime = 1200
- bantime = 1200
-
- [gitea]
- enabled = true
- port = http,https
- filter = gitea
- logpath = /data/gitea/log/gitea.log
- maxretry = 10
- findtime = 3600
- bantime = 900
- action = iptables-allports
|
