WebSVN – ALCASAR – Diff – /conf/fail2ban.sh



#!/bin/sh
# $Id: fail2ban.sh 2284 2017-06-20 08:10:24Z tom.houdayer $
 
FAIL_CONF="/etc/fail2ban/fail2ban.conf"
JAIL_CONF="/etc/fail2ban/jail.conf"
DIR_FILTER="/etc/fail2ban/filter.d/"
ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"

action   = iptables-allports[name=SSH]
logpath  = /var/log/auth.log
maxretry = 3
 
# Bannissement sur tous les ports après 5 échecs de connexion sur le centre de contrôle (ACC)
[alcasar_acc]
 
enabled = true
#enabled = false
filter = alcasar_acc
action = iptables-allports[name=alcasar_acc]
logpath = /var/log/httpd/ssl_error_log
maxretry = 5
 
# Bannissement sur tout les ports après 5 echecs de connexion pour un usager
[alcasar_intercept]

EOF
 
#######################
## ACC-HTDIGEST.CONF ##
#######################
cat << EOF > $DIR_FILTER/alcasar_acc.conf
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
# Adapted by ALCASAR team
 

Rev 2272	Rev 2284
Line 1...	Line 1...
1	`#!/bin/sh`	1	`#!/bin/sh`
2	`# $Id: fail2ban.sh 2272 2017-06-04 19:03:43Z tom.houdayer $`	2	`# $Id: fail2ban.sh 2284 2017-06-20 08:10:24Z tom.houdayer $`
3		3
4	`FAIL_CONF="/etc/fail2ban/fail2ban.conf"`	4	`FAIL_CONF="/etc/fail2ban/fail2ban.conf"`
5	`JAIL_CONF="/etc/fail2ban/jail.conf"`	5	`JAIL_CONF="/etc/fail2ban/jail.conf"`
6	`DIR_FILTER="/etc/fail2ban/filter.d/"`	6	`DIR_FILTER="/etc/fail2ban/filter.d/"`
7	`ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"`	7	`ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"`
Line 120...	Line 120...
120	`action = iptables-allports[name=SSH]`	120	`action = iptables-allports[name=SSH]`
121	`logpath = /var/log/auth.log`	121	`logpath = /var/log/auth.log`
122	`maxretry = 3`	122	`maxretry = 3`
123		123
124	`# Bannissement sur tous les ports après 5 échecs de connexion sur le centre de contrôle (ACC)`	124	`# Bannissement sur tous les ports après 5 échecs de connexion sur le centre de contrôle (ACC)`
125	`[alcasar_acc-htdigest]`	125	`[alcasar_acc]`
126		126
127	`enabled = true`	127	`enabled = true`
128	`#enabled = false`	128	`#enabled = false`
129	`filter = alcasar_acc-htdigest`	129	`filter = alcasar_acc`
130	`action = iptables-allports[name=alcasar_acc-htdigest]`	130	`action = iptables-allports[name=alcasar_acc]`
131	`logpath = /var/log/httpd/ssl_error_log`	131	`logpath = /var/log/httpd/ssl_error_log`
132	`maxretry = 5`	132	`maxretry = 5`
133		133
134	`# Bannissement sur tout les ports après 5 echecs de connexion pour un usager`	134	`# Bannissement sur tout les ports après 5 echecs de connexion pour un usager`
135	`[alcasar_intercept]`	135	`[alcasar_intercept]`
Line 190...	Line 190...
190	`EOF`	190	`EOF`
191		191
192	`#######################`	192	`#######################`
193	`## ACC-HTDIGEST.CONF ##`	193	`## ACC-HTDIGEST.CONF ##`
194	`#######################`	194	`#######################`
195	`cat << EOF > $DIR_FILTER/alcasar_acc-htdigest.conf`	195	`cat << EOF > $DIR_FILTER/alcasar_acc.conf`
196	`# Fail2Ban configuration file`	196	`# Fail2Ban configuration file`
197	`#`	197	`#`
198	`# Author: Cyril Jaquier`	198	`# Author: Cyril Jaquier`
199	`# Adapted by ALCASAR team`	199	`# Adapted by ALCASAR team`
200		200

Subversion Repositories ALCASAR

(root)/conf/fail2ban.sh @ 2296 – Rev 2272 → 2284