WebSVN – ALCASAR – Diff – /conf/fail2ban.sh



# ban a host which matches an address in this list. Several addresses can be
# defined using space separator.
ignoreip = 127.0.0.1/8
 
# "bantime" is the number of seconds that a host is banned.
bantime  = 300
 
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
# Un client est banni dans le cas ou il genere "maxretry" pendant le temps
# findtime en seconds

filter   = sshd
action   = iptables-allports[name=SSH]
logpath  = /var/log/auth.log
maxretry = 3
 
# Bannissement si 5 échec de connexion sur alcasar/acc
 
[htdigest]
 
enabled = true
#enabled = false
filter = htdigest
action = iptables-allports[name=htdigest]
logpath = /var/log/httpd/ssl_error_log
maxretry = 5
 
# Bannissement si 5 echec de connexion sur intercept.php (reason=reject)
 
[intercept]
 
enabled = true
#enabled = false

Rev 1196	Rev 1270
Line 69...	Line 69...
69	`# ban a host which matches an address in this list. Several addresses can be`	69	`# ban a host which matches an address in this list. Several addresses can be`
70	`# defined using space separator.`	70	`# defined using space separator.`
71	`ignoreip = 127.0.0.1/8`	71	`ignoreip = 127.0.0.1/8`
72		72
73	`# "bantime" is the number of seconds that a host is banned.`	73	`# "bantime" is the number of seconds that a host is banned.`
74	`bantime = 600`	74	`bantime = 300`
75		75
76	`# A host is banned if it has generated "maxretry" during the last "findtime"`	76	`# A host is banned if it has generated "maxretry" during the last "findtime"`
77	`# seconds.`	77	`# seconds.`
78	`# Un client est banni dans le cas ou il genere "maxretry" pendant le temps`	78	`# Un client est banni dans le cas ou il genere "maxretry" pendant le temps`
79	`# findtime en seconds`	79	`# findtime en seconds`
Line 120...	Line 120...
120	`filter = sshd`	120	`filter = sshd`
121	`action = iptables-allports[name=SSH]`	121	`action = iptables-allports[name=SSH]`
122	`logpath = /var/log/auth.log`	122	`logpath = /var/log/auth.log`
123	`maxretry = 3`	123	`maxretry = 3`
124		124
125	`# Bannissement si 5 tentatives de connexion echouer en alcasar/acc`	125	`# Bannissement si 5 échec de connexion sur alcasar/acc`
126		126
127	`[htdigest]`	127	`[htdigest]`
128		128
129	`enabled = true`	129	`enabled = true`
130	`#enabled = false`	130	`#enabled = false`
131	`filter = htdigest`	131	`filter = htdigest`
132	`action = iptables-allports[name=htdigest]`	132	`action = iptables-allports[name=htdigest]`
133	`logpath = /var/log/httpd/ssl_error_log`	133	`logpath = /var/log/httpd/ssl_error_log`
134	`maxretry = 5`	134	`maxretry = 5`
135		135
136	`# Bannissement si 5 tentatives de connexion avec intercept.php avec reason=reject`	136	`# Bannissement si 5 echec de connexion sur intercept.php (reason=reject)`
137		137
138	`[intercept]`	138	`[intercept]`
139		139
140	`enabled = true`	140	`enabled = true`
141	`#enabled = false`	141	`#enabled = false`

Subversion Repositories ALCASAR

(root)/conf/fail2ban.sh – Rev 1196 → 1270