From c12ee17356350e315c33177f48d6c04f391bfaaf Mon Sep 17 00:00:00 2001 From: Filip Polbratt Date: Fri, 28 Aug 2020 18:01:48 +0200 Subject: [PATCH] Add node specific fail2ban config --- nodes/ticket.lysator.liu.se.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 nodes/ticket.lysator.liu.se.yaml diff --git a/nodes/ticket.lysator.liu.se.yaml b/nodes/ticket.lysator.liu.se.yaml new file mode 100644 index 0000000..8c75126 --- /dev/null +++ b/nodes/ticket.lysator.liu.se.yaml @@ -0,0 +1,23 @@ +--- +lysnetwork::fail2ban::config: + DEFAULT: + banaction: iptables-multiport + ignoreip: 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 130.236.254.0/24 + backend: systemd + sshd: + enabled: true + findtime: 3600 + maxretry: 5 + sshlongterm: + banaction: iptables-multiport + port: ssh + logpath: "%(sshd_log)s" + maxretry: 30 + findtime: 259200 + bantime: 608400 + enabled: true + filter: sshd + request-tracker: + enabled: true + filter: request-tracker + logpath: /var/log/syslog -- GitLab