Skip to content

Instantly share code, notes, and snippets.

@centminmod

centminmod/fail2ban-cf-firewall-api.sh.md Secret

Last active May 5, 2021 09:07
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save centminmod/8e224ec689d8cf46e40b89b4d9e9d02f to your computer and use it in GitHub Desktop.
Save centminmod/8e224ec689d8cf46e40b89b4d9e9d02f to your computer and use it in GitHub Desktop.
Download ZIP
fail2ban cloudflare v4 API actionban trying to pass the filter name to notes
Raw
fail2ban-cf-firewall-api.sh.md

create a CF List named fail2ban

./cf-firewall-api.sh cflist-list
{
  "result": [
    {
      "id": "66c6a1514b67416fa7f959c5d52a9eb9",
      "name": "fail2ban",
      "description": "fail2ban list",
      "kind": "ip",
      "num_items": 2,
      "num_referencing_filters": 1,
      "created_on": "2021-05-05T05:07:41Z",
      "modified_on": "2021-05-05T08:06:37Z"
    },
    {
      "id": "c2b3a273bc534357b43b5ef64af61cf4",
      "name": "warp_ips",
      "description": "Warp IPs",
      "kind": "ip",
      "num_items": 1,
      "num_referencing_filters": 0,
      "created_on": "2021-05-04T09:30:58Z",
      "modified_on": "2021-05-04T09:31:41Z"
    }
  ],
  "success": true,
  "errors": [],
  "messages": []
}
./cf-firewall-api.sh

./cf-firewall-api.sh ban xxx.xxx.xxx.xxx
./cf-firewall-api.sh ban-range xxx.xxx.xxx.xxx/16
./cf-firewall-api.sh unban xxx.xxx.xxx.xxx
./cf-firewall-api.sh unban-range xxx.xxx.xxx.xxx/16
./cf-firewall-api.sh list xxx.xxx.xxx.xxx
./cf-firewall-api.sh list-json xxx.xxx.xxx.xxx
./cf-firewall-api.sh list-age xxx.xxx.xxx.xxx
./cf-firewall-api.sh list-age
./cf-firewall-api.sh unban-age seconds-to-unban-threshold

./cf-firewall-api.sh cflist-create listname
./cf-firewall-api.sh cflist-delete listname
./cf-firewall-api.sh cflist-list listname
./cf-firewall-api.sh cflist-list
./cf-firewall-api.sh cflist-addip listname xxx.xxx.xxx.xxx comment
./cf-firewall-api.sh cflist-deleteip listname xxx.xxx.xxx.xxx
./cf-firewall-api.sh cflist-getip listname xxx.xxx.xxx.xxx
./cf-firewall-api.sh cflist-getip listname
actionban = /path/to/cf-firewall-api.sh cflist-addip fail2ban <ip> fail2ban-comment

actionunban = /path/to/cf-firewall-api.sh cflist-deleteip fail2ban <ip> fail2ban-comment

where CF API Token credentials set in /path/to/cf-firewall-api.ini

cfaccount_id='YOUR_CF_ACCOUNT_ID'
cftoken_use='y'
cftoken='YOUR_CF_API_TOKEN'
Raw
fail2ban-cloudflare-api.md

not working with notes value "Fail2Ban for <name>"

actionban = curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
            -H "X-Auth-Email: <cfuser>" \
            -H "X-Auth-Key: <cftoken>" \
            -H "Content-Type: application/json" \
            --data '{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2Ban for <name>"}'

working with notes value "Fail2Ban"

actionban = curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
            -H "X-Auth-Email: <cfuser>" \
            -H "X-Auth-Key: <cftoken>" \
            -H "Content-Type: application/json" \
            --data '{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2Ban"}'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment