2023-09-22 19:44:17 +02:00
|
|
|
[INCLUDES]
|
|
|
|
|
|
|
|
before = uptimerobot.local
|
|
|
|
|
2023-09-20 00:34:12 +02:00
|
|
|
[DEFAULT]
|
|
|
|
|
|
|
|
# Prevents banning LAN subnets
|
|
|
|
ignoreip = 127.0.0.1/8 ::1
|
|
|
|
10.0.0.0/8
|
|
|
|
172.16.0.0/12
|
|
|
|
192.168.0.0/16
|
2023-10-05 16:51:06 +02:00
|
|
|
${FAIL2BAN_IGNORED_IP}
|
2023-09-22 19:44:17 +02:00
|
|
|
%(uptimerobot_ips)s
|
2023-09-20 00:34:12 +02:00
|
|
|
|
|
|
|
# "bantime" is the number of seconds that a host is banned.
|
|
|
|
bantime = 1w
|
|
|
|
|
|
|
|
# A host is banned if it has generated "maxretry" during the last "findtime"
|
|
|
|
# seconds.
|
2023-09-22 19:44:17 +02:00
|
|
|
findtime = 15m
|
2023-09-20 00:34:12 +02:00
|
|
|
|
|
|
|
# "maxretry" is the number of failures before a host get banned.
|
2023-09-21 13:47:22 +02:00
|
|
|
maxretry = 3
|
2023-09-20 00:34:12 +02:00
|
|
|
|
2023-09-20 20:56:20 +02:00
|
|
|
# Default banning action
|
|
|
|
banaction = %(banaction_allports)s
|
|
|
|
|
2023-09-20 00:34:12 +02:00
|
|
|
[sshd]
|
|
|
|
enabled = true
|
|
|
|
chain = INPUT
|
|
|
|
port = 222
|
|
|
|
logpath = %(syslog_local0)s
|
|
|
|
|
|
|
|
[gitea-auth]
|
|
|
|
enabled = true
|
|
|
|
chain = DOCKER-USER
|
|
|
|
|
|
|
|
[vaultwarden-auth]
|
|
|
|
enabled = true
|
|
|
|
chain = DOCKER-USER
|
2023-09-20 20:56:20 +02:00
|
|
|
|
|
|
|
[dovecot]
|
|
|
|
enabled = true
|
|
|
|
chain = DOCKER-USER
|
|
|
|
logpath = %(logs_path)s/mail/mail.log
|
|
|
|
filter = dovecot
|
|
|
|
|
|
|
|
[postfix]
|
|
|
|
enabled = true
|
|
|
|
chain = DOCKER-USER
|
|
|
|
logpath = %(logs_path)s/mail/mail.log
|
|
|
|
filter = postfix
|
|
|
|
mode = extra
|
|
|
|
|
|
|
|
[permaban]
|
|
|
|
enabled = true
|
|
|
|
chain = DOCKER-USER
|
|
|
|
filter =
|
|
|
|
bantime = -1
|