Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
E
etersoft-admin-essentials
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
etersoft
etersoft-admin-essentials
Commits
8a4f587b
Commit
8a4f587b
authored
Feb 13, 2016
by
Vitaly Lipatov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add eterguard action
parent
c7f0d9a6
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
63 additions
and
0 deletions
+63
-0
.gitignore
ddos/.gitignore
+1
-0
iptables-ipset-proto4-eterguard.conf
fail2ban/action.d/iptables-ipset-proto4-eterguard.conf
+62
-0
No files found.
ddos/.gitignore
0 → 100644
View file @
8a4f587b
*.list
fail2ban/action.d/iptables-ipset-proto4-eterguard.conf
0 → 100644
View file @
8a4f587b
# Fail2Ban configuration file
#
# Author: Daniel Black
#
# This is for ipset protocol 4 (ipset v4.2). If you have a later version
# of ipset try to use the iptables-ipset-proto6.conf as it does some things
# nicer.
#
# This requires the program ipset which is normally in package called ipset.
#
# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
#
# If you are running on an older kernel you make need to patch in external
# modules. Debian squeeze can do this with:
# apt-get install xtables-addons-source
# module-assistant auto-install xtables-addons
#
# Debian wheezy and above uses protocol 6
[
INCLUDES
]
before
=
iptables
-
common
.
conf
[
Init
]
blocktype
=
DNAT
--
to
-
destination
91
.
232
.
225
.
15
:
80
[
Definition
]
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart
=
ipset
--
create
f2b
-<
name
>
iphash
<
iptables
> -
t
mangle
-
A
PREROUTING
-
p
<
protocol
> -
m
multiport
--
dports
<
port
> -
m
set
--
match
-
set
f2b
-<
name
>
src
-
j
<
blocktype
>
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop
= <
iptables
> -
t
mangle
-
D
PREROUTING
-
p
<
protocol
> -
m
multiport
--
dports
<
port
> -
m
set
--
match
-
set
f2b
-<
name
>
src
-
j
<
blocktype
>
ipset
--
flush
f2b
-<
name
>
ipset
--
destroy
f2b
-<
name
>
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban
=
ipset
--
test
f2b
-<
name
> <
ip
> ||
ipset
--
add
f2b
-<
name
> <
ip
>
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionunban
=
ipset
--
test
f2b
-<
name
> <
ip
> &&
ipset
--
del
f2b
-<
name
> <
ip
>
[
Init
]
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
