29 lines
870 B
Plaintext
29 lines
870 B
Plaintext
[recidivist]
|
|
|
|
# Ensure this system isn't blocked by accident
|
|
ignoreip = 127.0.0.1/8 ::1
|
|
|
|
# Check *Fail2Ban log* for repeat offenders (change this if you're log is stored
|
|
# elsewhere)
|
|
logpath = /var/log/fail2ban.log
|
|
|
|
# Timeframes (remember we are checking for systems that have already been banned
|
|
# 'maxretry' times within 'findtime')
|
|
# Remember that your 'dbpurgeage' in 'fail2ban.local' must be at least as long
|
|
# as whatever you specifiy for 'findtime' here so there's enough history for F2B
|
|
# to review!
|
|
maxretry = 3
|
|
findtime = 86400
|
|
|
|
# Levy a long 'bantime' on the multiple offender system (Suggest: min 3 days)
|
|
bantime = 259200
|
|
|
|
# Use iptables directly instead of UFW so bans do not conflict
|
|
banaction = iptables-allports
|
|
|
|
# Use the 'recidive' built-in filter
|
|
filter = recidive[_jailname="recidivist"]
|
|
|
|
# Enable the jail
|
|
enabled = true
|