Initial commit.

fail2ban/jail.d/00-firewalld.conf

@@ -0,0 +1,6 @@
+# This file is part of the fail2ban-firewalld package to configure the use of
+# the firewalld actions as the default actions.  You can remove this package
+# (along with the empty fail2ban meta-package) if you do not use firewalld
+[DEFAULT]
+banaction = firewallcmd-rich-rules[actiontype=<multiport>]
+banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]

fail2ban/jail.d/default.conf

@@ -0,0 +1,59 @@
+# Custom fail2ban base jail specification file.
+#
+# YOU SHOULD NOT MODIFY THIS FILE.
+# It will probably be overwitten or improved in a distribution update.
+#
+# All jail names should be under 20 symbols to avoid warnings
+
+# action = mail[name="name=%(__name__)s", "%(destemail)s", "logpath=%(logpath)s"]
+
+[dovecot]
+enabled  = false
+action   = iptables-multiport[name="dovecot", port="imap,imap3,imaps,pop3,pop3s"]
+filter   = dovecot
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-auth]
+enabled  = false
+action   = iptables-multiport[name="postfix-auth", port="smtp,smtps,submission"]
+filter   = postfix-auth
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-rbl]
+enabled  = false
+action   = iptables-multiport[name="postfix-rbl", port="smtp,smtps,submission"]
+filter   = postfix-rbl
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-sasl]
+enabled  = false
+action   = iptables-multiport[name="postfix-sasl", port="smtp,smtps,submission"]
+filter   = postfix-sasl
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-smtp-reject]
+enabled  = false
+action   = iptables-multiport[name="postfix-smtp-reject", port="smtp,smtps,submission"]
+filter   = postfix-smtp-reject
+logpath  = /var/log/maillog
+maxretry = 2
+
+[postfix-ssl-error]
+enabled  = false
+action   = iptables-multiport[name="postfix-ssl-error", port="smtp,smtps,submission"]
+filter   = postfix-ssl-error
+logpath  = /var/log/maillog
+maxretry = 3
+
+[nginx-forbidden]
+enabled = false
+filter = nginx-forbidden
+port = http,https
+logpath = /var/log/nginx/*.error*.log
+findtime = 60
+bantime = 86400
+maxretry = 3

fail2ban/jail.d/recidive.conf

@@ -0,0 +1,31 @@
+[recidive-3h]
+enabled = false
+filter = recidive
+bantime = 10800 ; 3 hours
+findtime = 86400 ; 1 day
+logpath = /var/log/fail2ban.log
+maxretry = 4
+
+[recidive-1day]
+enabled = false
+filter = recidive
+bantime = 86400 ;1 day
+findtime = 604800 ;1 week
+logpath = /var/log/fail2ban.log
+maxretry = 7
+
+[recidive-1week]
+enabled = false
+filter = recidive
+bantime = 604800 ;1 week
+findtime = 2592000 ;1 month
+logpath = /var/log/fail2ban.log
+maxretry = 10
+
+[recidive-1month]
+enabled = false
+filter =recidive
+bantime = 2592000 ;1 month
+findtime = 15552000 ;6 months
+logpath = /var/log/fail2ban.log
+maxretry = 20