Create a gist now

Instantly share code, notes, and snippets.

@hwdsl2 /jail.local Secret
Last active Aug 29, 2015

Example /etc/fail2ban/jail.local to be used on Asterisk servers
# Fail2Ban configuration file
#
# This file is Generated from your sysadmin module on your PBX
# DO NOT HAND EDIT THIS FILE
[DEFAULT]
ignoreip = 127.0.0.0/8
bantime = 3600
findtime = 3600
maxretry = 5
backend = auto
[asterisk-iptables]
enabled = true
filter = asterisk
action = iptables-allports[name=SIP, protocol=all]
logpath = /var/log/asterisk/full
bantime = 3600
maxretry = 10
[asterisk-iptables-2]
enabled = true
filter = asterisk-security
action = iptables-allports[name=SIP-2, protocol=all]
logpath = /var/log/asterisk/fail2ban
bantime = 3600
maxretry = 10
[pbx-gui]
enabled = true
filter = freepbx
action = iptables-allports[name=PBX-GUI, protocol=all]
logpath = /var/log/asterisk/freepbx_security.log
bantime = 3600
maxretry = 10
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
bantime = 3600
maxretry = 10
[apache-tcpwrapper]
enabled = true
filter = apache-auth
action = iptables-allports[name=apache-auth, protocol=all]
logpath = /var/log/httpd/*error_log
bantime = 3600
maxretry = 10
[vsftpd-iptables]
enabled = true
filter = vsftpd
action = iptables[name=FTP, port=ftp, protocol=tcp]
logpath = /var/log/vsftpd.log
bantime = 3600
maxretry = 3
[apache-badbots]
enabled = true
filter = apache-badbots
action = iptables-multiport[name=BadBots, port="http,https"]
logpath = /var/log/httpd/*access_log
bantime = 3600
maxretry = 1
[webmin-iptables]
enabled = true
filter = webmin-auth
action = iptables[name=webmin, port=9001, protocol=tcp]
logpath = /var/log/secure
bantime = 3600
maxretry = 10
# Jail for more extended banning of persistent abusers
# !!! WARNING !!!
# Make sure that your loglevel specified in fail2ban.conf/.local
# is not at DEBUG level -- which might then cause fail2ban to fall into
# an infinite loop constantly feeding itself with non-informative lines
[recidive]
enabled = true
filter = recidive
logpath = /var/log/fail2ban.log*
action = iptables-allports[name=recidive, protocol=all]
bantime = 2592000 ; 30 days
findtime = 604800 ; 1 week
maxretry = 10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment