Add 'config/fail2ban/jail.local'

2019-08-31 23:07:54 +02:00
parent 0704354d80
commit d1709fd7f3
1 changed files with 52 additions and 0 deletions
--- a/config/fail2ban/jail.local
+++ b/config/fail2ban/jail.local
@@ -0,0 +1,52 @@
+[dovecot-pop3imap]
+enabled = true
+filter = dovecot-pop3imap
+action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
+logpath = /var/log/mail.log
+maxretry = 3
+findtime = 600
+bantime = 3600
+
+[postfix-sasl]
+enabled  = true
+port     = smtp
+filter   = postfix-sasl
+logpath  = /var/log/mail.log
+maxretry = 3
+findtime = 600
+bantime = 3600
+
+[rainloop]
+enabled = false
+port = http,https
+logpath = /var/www/rainloop/data/_data_/_default_/logs/fail2ban/auth-fail.txt
+maxretry = 3
+findtime = 600
+bantime = 3600
+
+[nginx-http-auth]
+enabled = false
+filter  = nginx-http-auth
+action  = iptables-multiport[name=nginx-http-auth,port="80,443"]
+logpath = /var/log/nginx/error.log
+maxretry = 3
+findtime = 600
+bantime = 3600
+
+[sieve]
+enabled = false
+filter  = sieve
+action  = iptables-multiport[name=sieve,port="25,465,587"]
+logpath = /var/log/mail*log
+maxretry = 3
+findtime = 600
+bantime = 3600
+
+[ssh]
+enabled  = true
+port     = ssh
+filter   = sshd
+logpath  = /var/log/auth.log
+maxretry = 5
+findtime = 600
+bantime = 3600