fail2banUFW/etc/fail2ban/jail.d/recidivist.conf

29 lines
870 B
Plaintext

[recidivist]
# Ensure this system isn't blocked by accident
ignoreip = 127.0.0.1/8 ::1
# Check *Fail2Ban log* for repeat offenders (change this if you're log is stored
# elsewhere)
logpath = /var/log/fail2ban.log
# Timeframes (remember we are checking for systems that have already been banned
# 'maxretry' times within 'findtime')
# Remember that your 'dbpurgeage' in 'fail2ban.local' must be at least as long
# as whatever you specifiy for 'findtime' here so there's enough history for F2B
# to review!
maxretry = 3
findtime = 86400
# Levy a long 'bantime' on the multiple offender system (Suggest: min 3 days)
bantime = 259200
# Use iptables directly instead of UFW so bans do not conflict
banaction = iptables-allports
# Use the 'recidive' built-in filter
filter = recidive[_jailname="recidivist"]
# Enable the jail
enabled = true