From 15cf08c1dd5c51635ba824e6e6082d09201c88b9 Mon Sep 17 00:00:00 2001
From: Asif Bacchus <asif@programming.bacchus.network>
Date: Sat, 29 Sep 2018 17:26:23 -0600
Subject: [PATCH] Default ufw.conf action file from F2B with blocktype changed

---
 etc/fail2ban/action.d/ufw.conf | 43 ++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 etc/fail2ban/action.d/ufw.conf

diff --git a/etc/fail2ban/action.d/ufw.conf b/etc/fail2ban/action.d/ufw.conf
new file mode 100644
index 0000000..d956a9f
--- /dev/null
+++ b/etc/fail2ban/action.d/ufw.conf
@@ -0,0 +1,43 @@
+# Fail2Ban action configuration file for ufw
+#
+# You are required to run "ufw enable" before this will have any effect.
+#
+# The insert position should be appropriate to block the required traffic.
+# A number after an allow rule to the application won't be of much use.
+
+[Definition]
+
+actionstart = 
+
+actionstop = 
+
+actioncheck = 
+
+actionban = [ -n "<application>" ] && app="app <application>"
+            ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
+
+actionunban = [ -n "<application>" ] && app="app <application>"
+              ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: insertpos
+# Notes.:  The position number in the firewall list to insert the block rule
+insertpos = 1
+
+# Option: blocktype
+# Notes.: reject or deny
+#blocktype = reject
+blocktype = deny
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application = 
+
+# DEV NOTES:
+# 
+# Author: Guilhem Lettron
+# Enhancements: Daniel Black