Initial configurations for Bender.
This commit is contained in:
parent
6720861726
commit
0b63587655
53 changed files with 14071 additions and 3 deletions
82
etc/fail2ban/jail.local
Normal file
82
etc/fail2ban/jail.local
Normal file
|
|
@ -0,0 +1,82 @@
|
|||
[DEFAULT]
|
||||
|
||||
#
|
||||
# MISCELLANEOUS OPTIONS
|
||||
#
|
||||
|
||||
# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
|
||||
# will not ban a host which matches an address in this list. Several addresses
|
||||
# can be defined using space (and/or comma) separator.
|
||||
ignoreip = 127.0.0.1/8,::1 10.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16 5.101.171.210/28,2a01:a500:2981:1::/64 91.109.244.7,91.109.244.8,91.109.244.9,91.109.244.10,91.109.244.11,2a02:2498:1:227::/64 88.80.191.137,2a01:7e00::f03c:93ff:fe86:afae 185.176.90.169,2a07:4580:b0d:57f::169 afterdark.org.uk,2001:470:1f1c:58::/64
|
||||
|
||||
# "bantime" is the number of seconds that a host is banned.
|
||||
bantime = 2d
|
||||
|
||||
# A host is banned if it has generated "maxretry" during the last "findtime"
|
||||
# seconds.
|
||||
findtime = 8h
|
||||
|
||||
# "maxretry" is the number of failures before a host get banned.
|
||||
maxretry = 3
|
||||
|
||||
# "usedns" specifies if jails should trust hostnames in logs,
|
||||
# warn when DNS lookups are performed, or ignore all hostnames in logs
|
||||
#
|
||||
# yes: if a hostname is encountered, a DNS lookup will be performed.
|
||||
# warn: if a hostname is encountered, a DNS lookup will be performed,
|
||||
# but it will be logged as a warning.
|
||||
# no: if a hostname is encountered, will not be used for banning,
|
||||
# but it will be logged as info.
|
||||
# raw: use raw value (no hostname), allow use it for no-host filters/actions (example user)
|
||||
usedns = yes
|
||||
|
||||
#
|
||||
# ACTIONS
|
||||
#
|
||||
|
||||
# Some options used for actions
|
||||
|
||||
# Destination email address used solely for the interpolations in
|
||||
# jail.{conf,local,d/*} configuration files.
|
||||
destemail = sysadmin@slackware.network
|
||||
|
||||
# Sender email address used solely for some actions
|
||||
sender = noreply@slackware.network
|
||||
|
||||
#
|
||||
# JAILS
|
||||
#
|
||||
|
||||
[dovecot]
|
||||
enabled = yes
|
||||
filter = dovecot
|
||||
port = imap2,imaps,pop3,pop3s
|
||||
logpath = /var/log/imapd
|
||||
mode = normal
|
||||
|
||||
[exim]
|
||||
enabled = yes
|
||||
filter = exim
|
||||
port = smtp,smtps,submission
|
||||
logpath = /var/log/smtp
|
||||
mode = normal
|
||||
|
||||
[proftpd]
|
||||
enabled = no
|
||||
filter = proftpd
|
||||
port = ftp,ftps
|
||||
logfile = /var/log/ftpd
|
||||
|
||||
[roundcube]
|
||||
enabled = yes
|
||||
filter = roundcube-auth
|
||||
port = http,https
|
||||
logfile = /data/sites/webmail.slackware.network/logs/roundcube/userlogins.log
|
||||
maxretry = 10
|
||||
|
||||
[sshd]
|
||||
# Modes are: normal (default), ddos, extra or aggressive (combines all).
|
||||
enabled = yes
|
||||
filter = sshd
|
||||
port = ssh,9922
|
||||
mode = aggressive
|
||||
Loading…
Add table
Add a link
Reference in a new issue