diff options
author | sebres <serg.brester@sebres.de> | 2016-10-13 19:01:13 +0200 |
---|---|---|
committer | sebres <serg.brester@sebres.de> | 2016-10-13 19:01:13 +0200 |
commit | c809c3e61e86db3c1a8acc09ff67acaa38b5f8c0 (patch) | |
tree | 5db09986bcf889759643c59906f50eeae10f02b1 /config/action.d | |
parent | 77f2dcfdb659e4d6f2f1604c781362fc5c8d7da2 (diff) | |
parent | 15dc2db8bbed819045843c4bd531fc234c2d43fd (diff) | |
download | fail2ban-c809c3e61e86db3c1a8acc09ff67acaa38b5f8c0.tar.gz |
Merge branch 'master' into 0.10
Diffstat (limited to 'config/action.d')
-rw-r--r-- | config/action.d/npf.conf | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/config/action.d/npf.conf b/config/action.d/npf.conf new file mode 100644 index 00000000..8b00d177 --- /dev/null +++ b/config/action.d/npf.conf @@ -0,0 +1,61 @@ +# Fail2Ban configuration file +# +# NetBSD npf ban/unban +# +# Author: Nils Ratusznik <nils@NetBSD.org> +# Based on pf.conf action file +# + +[Definition] + +# Option: actionstart +# Notes.: command executed once at the start of Fail2Ban. +# Values: CMD +# +# we don't enable NPF automatically, as it will be enabled elsewhere +actionstart = + + +# Option: actionstop +# Notes.: command executed once at the end of Fail2Ban +# Values: CMD +# +# we don't disable NPF automatically either +actionstop = + + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = + + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: <ip> IP address +# <failures> number of failures +# <time> unix timestamp of the ban time +# Values: CMD +# +actionban = /sbin/npfctl table <tablename> add <ip> + + +# Option: actionunban +# Notes.: command executed when unbanning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Tags: <ip> IP address +# <failures> number of failures +# <time> unix timestamp of the ban time +# Values: CMD +# +# note -r option used to remove matching rule +actionunban = /sbin/npfctl table <tablename> rem <ip> + +[Init] +# Option: tablename +# Notes.: The pf table name. +# Values: [ STRING ] +# +tablename = fail2ban |