mirror of
https://github.com/fail2ban/fail2ban.git
synced 2026-03-11 08:55:31 +00:00
This is useful when fail2ban is running on multiple servers and keeping the notifictions separate and knowing which machine is "under attack".
96 lines
2.7 KiB
Text
96 lines
2.7 KiB
Text
# Fail2Ban configuration file
|
|
#
|
|
# Author: Cyril Jaquier
|
|
#
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
before = sendmail-common.conf
|
|
|
|
[Definition]
|
|
|
|
# Option: actionstart
|
|
# Notes.: command executed once at the start of Fail2Ban.
|
|
# Values: CMD
|
|
#
|
|
actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
|
|
From: <sendername> <<sender>>
|
|
To: <dest>\n
|
|
Hi,\n
|
|
The jail <name> has been started successfully.\n
|
|
Output will be buffered until <lines> lines are available.\n
|
|
Regards,\n
|
|
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
|
|
|
|
# Option: actionstop
|
|
# Notes.: command executed once at the end of Fail2Ban
|
|
# Values: CMD
|
|
#
|
|
actionstop = if [ -f <tmpfile> ]; then
|
|
printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
|
|
From: <sendername> <<sender>>
|
|
To: <dest>\n
|
|
Hi,\n
|
|
These hosts have been banned by Fail2Ban.\n
|
|
`cat <tmpfile>`
|
|
Regards,\n
|
|
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
|
|
rm <tmpfile>
|
|
fi
|
|
printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
|
|
From: Fail2Ban <<sender>>
|
|
To: <dest>\n
|
|
Hi,\n
|
|
The jail <name> has been stopped.\n
|
|
Regards,\n
|
|
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
|
|
|
|
# Option: actioncheck
|
|
# Notes.: command executed once before each actionban command
|
|
# Values: CMD
|
|
#
|
|
actioncheck =
|
|
|
|
# Option: actionban
|
|
# Notes.: command executed when banning an IP. Take care that the
|
|
# command is executed with Fail2Ban user rights.
|
|
# Tags: See jail.conf(5) man page
|
|
# Values: CMD
|
|
#
|
|
actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
|
|
LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
|
|
if [ $LINE -ge <lines> ]; then
|
|
printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
|
|
From: <sendername> <<sender>>
|
|
To: <dest>\n
|
|
Hi,\n
|
|
These hosts have been banned by Fail2Ban.\n
|
|
`cat <tmpfile>`
|
|
Regards,\n
|
|
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
|
|
rm <tmpfile>
|
|
fi
|
|
|
|
# Option: actionunban
|
|
# Notes.: command executed when unbanning an IP. Take care that the
|
|
# command is executed with Fail2Ban user rights.
|
|
# Tags: See jail.conf(5) man page
|
|
# Values: CMD
|
|
#
|
|
actionunban =
|
|
|
|
[Init]
|
|
|
|
# Default name of the chain
|
|
#
|
|
name = default
|
|
|
|
# Default number of lines that are buffered
|
|
#
|
|
lines = 5
|
|
|
|
# Default temporary file
|
|
#
|
|
tmpfile = /var/run/fail2ban/tmp-mail.txt
|
|
|