Subversion Repositories ALCASAR


Rev 2497 Rev 2815
Line 1... Line 1...
1
#!/bin/sh
1
#!/bin/sh
2
# $Id: fail2ban.sh 2497 2018-02-26 02:00:25Z tom.houdayer $
2
# $Id: fail2ban.sh 2815 2020-05-03 22:10:04Z rexy $
3
 
3
 
4
JAIL_CONF="/etc/fail2ban/jail.conf"
4
JAIL_CONF="/etc/fail2ban/jail.conf"
5
DIR_FILTER="/etc/fail2ban/filter.d/"
5
DIR_FILTER="/etc/fail2ban/filter.d/"
6
ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"
6
ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"
7
 
7
 
Line 26... Line 26...
26
# ban a host which matches an address in this list. Several addresses can be
26
# ban a host which matches an address in this list. Several addresses can be
27
# defined using space separator.
27
# defined using space separator.
28
ignoreip = 127.0.0.1/8
28
ignoreip = 127.0.0.1/8
29
 
29
 
30
# "bantime" is the number of seconds that a host is banned.
30
# "bantime" is the number of seconds that a host is banned.
31
bantime  = 300
31
bantime  = 180
32
 
32
 
33
# A host is banned if it has generated "maxretry" during the last "findtime" seconds.
33
# A host is banned if it has generated "maxretry" during the last "findtime" seconds.
34
# Un client est banni s'il génere "maxretry" requêtes pendant "findtime" (en secondes)
34
# Un client est banni s'il génere "maxretry" requêtes pendant "findtime" (en secondes)
35
# Pour ALCASAR : 5 requetes pour chaque filtres en 60 secondes
35
# Pour ALCASAR : 5 requetes pour chaque filtres en 60 secondes
36
findtime  = 60
36
findtime  = 60
Line 56... Line 56...
56
# but it will be logged as a warning.
56
# but it will be logged as a warning.
57
# no: if a hostname is encountered, will not be used for banning,
57
# no: if a hostname is encountered, will not be used for banning,
58
# but it will be logged as info.
58
# but it will be logged as info.
59
usedns = warn
59
usedns = warn
60
 
60
 
61
# Bannissement sur tous les ports après 2 refus d'Apache (tentative d'accès sur des pages inexistentes)
61
# Bannissement sur tous les ports après 3 refus du serveur WEB (tentative d'accès sur des pages inexistentes)
62
[alcasar_mod-evasive]
62
[alcasar_mod-evasive]
63
 
63
 
64
#enabled = true
64
#enabled = true
65
enabled = false
65
enabled = false
66
backend = auto
66
backend = auto
67
filter = alcasar_mod-evasive
67
filter = alcasar_mod-evasive
68
action = iptables-allports[name=alcasar_mod-evasive]
68
action = iptables-allports[name=alcasar_mod-evasive]
69
logpath = /var/log/lighttpd/access.log
69
logpath = /var/log/lighttpd/access.log
70
maxretry = 2
70
maxretry = 3
71
 
71
 
72
# Bannissement sur tout les ports après 3 refus de SSH (tentative d'accès par brute-force)
72
# Bannissement sur tout les ports après 3 refus de SSH (tentative d'accès par brute-force)
73
[ssh-iptables]
73
[ssh-iptables]
74
 
74
 
75
enabled = true
75
enabled = true
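Review bot: The default `bantime` drops from 300 to 180 seconds at new line 31 with no comment giving the reason, and this default presumably also governs the enabled `[ssh-iptables]` jail, so a host banned for repeated SSH failures is let back in after three minutes. If the shorter ban is only meant to spare portal users caught by the web filter, keep the default short and set a longer `bantime` inside `[ssh-iptables]`; that section continues past the visible lines, so check whether it already overrides the value. The `maxretry = 3` change at new line 70 has no effect while `[alcasar_mod-evasive]` stays `enabled = false`, which is worth stating in the comment above the jail. The context comment at line 35 still says 5 requests per filter while the visible jail comments say 3; if no jail uses 5 any more, update it, e.g. `# Pour ALCASAR : 3 requetes pour chaque filtre en 60 secondes`.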