diff --git a/data/common.yaml b/data/common.yaml index 46cba687aa92b14722be88c95406812059890d04..12df85a2d7122a4cbb34720c7c4d155221972cf2 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -2,3 +2,22 @@ lysnetwork::ssh::server_package: openssh-server lysnetwork::ssh::client_package: openssh lysnetwork::ssh::service_name: ssh + +lysnetwork::fail2ban::config: + DEFAULT: + banaction: iptables-multiport + ignoreip: 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 130.236.254.0/24 + backend: systemd + sshd: + enabled: true + findtime: 3600 + maxretry: 5 + sshlongterm: + banaction: iptables-multiport + port: ssh + logpath: "%(sshd_log)s" + maxretry: 30 + findtime: 259200 + bantime: 608400 + enabled: true + filter: sshd \ No newline at end of file