Last active
September 14, 2019 16:50
-
-
Save thewismit/85fee5357590951c0936aae834e6a396 to your computer and use it in GitHub Desktop.
config files for Ubuntu 18.04 server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 0 * * * /usr/sbin/logwatch |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
thewismit.com | |
clowncar.thewismit.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<username> will@thewismit.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
127.0.0.1 localhost.localdomain localhost | |
<public_IPv4_address> example_hostname.thewismit.com example_hostname | |
<public_IPv6_address> example_hostname.thewismit.com example_hostname |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Definition] | |
# Option: actionstart | |
# Notes.: command executed once at the start of Fail2Ban. | |
# Values: CMD | |
# | |
actionstart = iptables -N fail2ban-<name> | |
iptables -A fail2ban-<name> -j RETURN | |
iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name> | |
cat /etc/fail2ban/persistent.bans | awk '/^fail2ban-<name>/ {print $2}' \ | |
| while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j <blocktype>; done | |
# Option: actionstop | |
# Notes.: command executed once at the end of Fail2Ban | |
# Values: CMD | |
# | |
actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name> | |
iptables -F fail2ban-<name> | |
iptables -X fail2ban-<name> | |
# Option: actioncheck | |
# Notes.: command executed once before each actionban command | |
# Values: CMD | |
# | |
actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]' | |
# Option: actionban | |
# Notes.: command executed when banning an IP. Take care that the | |
# command is executed with Fail2Ban user rights. | |
# Tags: See jail.conf(5) man page | |
# Values: CMD | |
# | |
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype> | |
echo "fail2ban-<name> <ip>" >> /etc/fail2ban/persistent.bans |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# "bantime" is the number of seconds that a host is banned. | |
bantime = -1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Destination email address used solely for the interpolations in | |
# jail.{conf,local,d/*} configuration files. | |
destemail = thewismit@localhost | |
# Sender email address used solely for some actions | |
sender = fail2ban@<fq-hostname> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# "enabled" enables the jails. | |
# By default all jails are disabled, and it should stay this way. | |
# Enable only relevant to your setup jails in your .local or jail.d/*.conf | |
# | |
# true: jail will be enabled and log files will get monitored for changes | |
# false: jail is not enabled | |
enabled = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Output/Format Options | |
#By default Logwatch will print to stdout in text with no encoding. | |
#To make email Default set Output = mail to save to file set Output = file | |
Output = mail | |
# Default person to mail reports to. Can be a local account or a | |
# complete email address. Variable Output should be set to mail, or | |
# --output mail should be passed on command line to enable mail feature. | |
# MailTo = root | |
MailTo = <email_address> | |
# WHen using option --multiemail, it is possible to specify a different | |
# email recipient per host processed. For example, to send the report | |
# for hostname host1 to user@example.com, use: | |
#Mailto_host1 = user@example.com | |
# Multiple recipients can be specified by separating them with a space. | |
# Default person to mail reports from. Can be a local account or a | |
# complete email address. | |
MailFrom = <email_address> | |
# The default detail level for the report. | |
# This can either be Low, Med, High or a number. | |
# Low = 0 | |
# Med = 5 | |
# High = 10 | |
Detail = High |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MailFrom = <email_address> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl | |
GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AllowUsers <user_account> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Port 22 | |
AddressFamily inet |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Change to no to disable tunnelled clear text passwords | |
PasswordAuthentication no |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Authentication: | |
... | |
PermitRootLogin no |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MASQUERADE_AS(`thewismit.com')dnl | |
FEATURE(`masquerade_envelope')dnl | |
MASQUERADE_DOMAIN(`thewismit.com')dnl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
readme |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment