[DEFAULT] # Prevents banning LAN subnets ignoreip = 127.0.0.1/8 ::1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 # "bantime" is the number of seconds that a host is banned. bantime = 1w # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 30m # "maxretry" is the number of failures before a host get banned. maxretry = 5 [sshd] enabled = true chain = INPUT port = 222 logpath = %(syslog_local0)s action = %(known/action)s [gitea-auth] enabled = true chain = DOCKER-USER port = http,https,2222 action = %(known/action)s [vaultwarden-auth] enabled = true chain = DOCKER-USER action = %(known/action)s