container-server/services/fail2ban/jail.local

53 lines
1,003 B
Text

[DEFAULT]
# Prevents banning LAN subnets
ignoreip = 127.0.0.1/8 ::1
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
# "bantime" is the number of seconds that a host is banned.
bantime = 1w
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 30m
# "maxretry" is the number of failures before a host get banned.
maxretry = 5
# Default banning action
banaction = %(banaction_allports)s
[sshd]
enabled = true
chain = INPUT
port = 222
logpath = %(syslog_local0)s
[gitea-auth]
enabled = true
chain = DOCKER-USER
[vaultwarden-auth]
enabled = true
chain = DOCKER-USER
[dovecot]
enabled = true
chain = DOCKER-USER
logpath = %(logs_path)s/mail/mail.log
filter = dovecot
[postfix]
enabled = true
chain = DOCKER-USER
logpath = %(logs_path)s/mail/mail.log
filter = postfix
mode = extra
[permaban]
enabled = true
chain = DOCKER-USER
filter =
bantime = -1