On Ubuntu 15.04 the ufw action was not working. - With empty <application>, receiving errors: 2015-04-24 16:28:35,204 fail2ban.filter [8527]: INFO [sshd] Found 43.255.190.157 2015-04-24 16:28:35,695 fail2ban.actions [8527]: NOTICE [sshd] Ban 43.255.190.157 2015-04-24 16:28:35,802 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stdout: b'' 2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- stderr: b'' 2015-04-24 16:28:35,803 fail2ban.action [8527]: ERROR [ -n "" ] && app="app " -- returned 1 - With action = ufw[application=OpenSSH], it was silently not doing anything (no errors after "Ban x.x.x.x", but no IP addresses in ufw status). Re-arranged the bash commands on two lines, and it works with or without <application>.
# Fail2Ban action configuration file for ufw
#
# You are required to run "ufw enable" before this will have any effect.
#
# The insert position should be appropriate to block the required traffic.
# An insert position that falls after an allow rule for the application
# will not block the traffic, because ufw applies the first matching rule.
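[Definition]

# No start, stop or check command is run: this action only inserts and
# deletes individual ufw rules.
actionstart =

actionstop =

actioncheck =

# Option: actionban
# Notes.: Inserts a <blocktype> rule for <ip> at position <insertpos>.
#         The command is kept on two lines on purpose: the first line sets
#         $app only when <application> is non-empty, and the ufw call on the
#         second line then runs with or without an application.
#         The second line must stay indented so that it is read as a
#         continuation of this value and not as a new key.
#         $app is expanded unquoted, so an application name that contains
#         spaces is split into several words by the shell.
#         NOTE(review): ufw's stock before-rules normally accept ESTABLISHED
#         traffic ahead of user rules, so a ban may not cut a connection
#         that is already open -- confirm on the target host.
actionban = [ -n "<application>" ] && app="app <application>"
            ufw insert <insertpos> <blocktype> from <ip> to <destination> $app

# Option: actionunban
# Notes.: Deletes the rule by repeating its specification, so <blocktype>,
#         <destination> and <application> must still hold the values that
#         were in effect when the ban was added; otherwise the delete does
#         not match and the rule stays in place.
actionunban = [ -n "<application>" ] && app="app <application>"
              ufw delete <blocktype> from <ip> to <destination> $app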
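[Init]
# Option: insertpos
# Notes.: The position number in the firewall list to insert the block rule.
#         ufw applies the first matching rule, so the position has to be
#         ahead of any allow rule that would match the banned address.
insertpos = 1

# Option: blocktype
# Notes.: reject or deny. reject tells the sender that the traffic was
#         refused; deny drops it without a reply.
blocktype = reject

# Option: destination
# Notes.: The destination address to block in the ufw rule
destination = any

# Option: application
# Notes.: application from sudo ufw app list. When left empty, no app
#         clause is added to the rule.
application =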
# DEV NOTES:
#
# Author: Guilhem Lettron
# Enhancements: Daniel Black