Commit c12ee173 authored by Filip Polbratt's avatar Filip Polbratt

Add node specific fail2ban config

parent 514ef2c6
---
lysnetwork::fail2ban::config:
DEFAULT:
banaction: iptables-multiport
ignoreip: 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 130.236.254.0/24
backend: systemd
sshd:
enabled: true
findtime: 3600
maxretry: 5
sshlongterm:
banaction: iptables-multiport
port: ssh
logpath: "%(sshd_log)s"
maxretry: 30
findtime: 259200
bantime: 608400
enabled: true
filter: sshd
request-tracker:
enabled: true
filter: request-tracker
logpath: /var/log/syslog
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment