authorDuncan Bellamy <dunk@denkimushi.com>2020-11-25 18:53:43 +0000
committerDuncan Bellamy <dunk@denkimushi.com>2023-03-08 09:17:13 +0000
commit0e3e9b1d7f67443c7dc046997718cc6924c83ef4 (patch)
tree06c513425d3b746cae44089b5c82419e65a9b74b
parent9997807fb329b6c850e9c5ecb5564a234050763d (diff)
downloadfail2ban-0e3e9b1d7f67443c7dc046997718cc6924c83ef4.tar.gz
Add flushaction
Change unban to find by ip address not comment
-rw-r--r--config/action.d/mikrotik.conf13
1 files changed, 9 insertions, 4 deletions
diff --git a/config/action.d/mikrotik.conf b/config/action.d/mikrotik.conf
index 91e587aa..cdf63bcb 100644
--- a/config/action.d/mikrotik.conf
+++ b/config/action.d/mikrotik.conf
@@ -4,7 +4,7 @@
#
# Author: Duncan Bellamy <dunk@denkimushi.com>
# based on forum.mikrotik.com post by pakjebakmeel
-#
+##
# in the instructions:
# (10.0.0.1 is ip of mikrotik router)
# (10.0.0.2 is ip of fail2ban machine)
@@ -46,13 +46,15 @@
actionstart =
-actionstop =
+actionstop = %(actionflush)s
+
+actionflush = %(mtikcommand)s "/ip firewall address-list remove [find list=\"%(mtiklistname)s\" comment~\"%(startcomment)s*\"]"
actioncheck =
actionban = %(mtikcommand)s "/ip firewall address-list add list=\"%(mtiklistname)s\" address=<ip> comment=%(mtikcomment)s"
-actionunban = %(mtikcommand)s "/ip firewall address-list remove [find list=\"%(mtiklistname)s\" comment=%(mtikcomment)s]"
+actionunban = %(mtikcommand)s "/ip firewall address-list remove [find list=\"%(mtiklistname)s\" address=<ip>]"
mtikcommand = ssh -l %(mtikuser)s -p%(mtikport)s -i %(mtikkeyfile)s %(mtikhost)s
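Review bot: The `comment~\"%(startcomment)s*\"` filter in the new `actionflush` matches more than the entries this jail created. RouterOS `~` is a regular-expression match, so `AutoF2B*` is unanchored and the `*` applies only to the final `B`. The pattern also omits `<name>`, so stopping or flushing one jail would drop the bans of every jail that shares the list and prefix. Anchoring and scoping it, e.g. `comment~\"^%(startcomment)s-<name>-\"`, would limit the flush to this jail's entries, assuming `<name>` is substituted in `actionflush` as it is in `actionban`. The new `actionunban` has the same scoping problem: `address=<ip>` alone removes that address from the list whichever jail or administrator added it.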
@@ -71,9 +73,12 @@ mtikhost =
# Option: mtiklistname
# Notes.: name of "address-list" to use on router
mtiklistname = Auto Fail2Ban
+# Option: startcomment
+# Notes.: used as a prefix to all comments, and used to match for flushing rules
+startcomment = AutoF2B
# Option: mtikcomment
# Notes.: comment to use on routerOS (must be unique as used for ip address removal)
-mtikcomment = AutoF2B-<name>-<ip>
+mtikcomment = %(startcomment)s-<name>-<ip>
[Init]
name="%(__name__)s"
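Review bot: The `Notes.` line kept above `mtikcomment` still says the comment "must be unique as used for ip address removal", which no longer holds now that `actionunban` finds entries by `address=<ip>`. I would reword it to something like `# Notes.: comment to use on routerOS (the startcomment prefix is matched when flushing)`. The new `startcomment` note could also say that the value ends up inside a `comment~` regular expression, e.g. `# Notes.: prefix for all comments; matched as a regex on flush, so avoid regex metacharacters`.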