config files for Ubuntu 18.04 server

crontab -e

30 0  * * *          /usr/sbin/logwatch

generics-domains

thewismit.com
clowncar.thewismit.com

genericstable

<username> will@thewismit.com

hosts

127.0.0.1 localhost.localdomain localhost
<public_IPv4_address> example_hostname.thewismit.com example_hostname
<public_IPv6_address> example_hostname.thewismit.com example_hostname

iptables-multiport.conf - persistent bans

[Definition]
 
# Option:  actionstart
# Notes.:  command executed once at the start of Fail2Ban.
# Values:  CMD
#
actionstart = iptables -N fail2ban-<name>
              iptables -A fail2ban-<name> -j RETURN
              iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
          cat /etc/fail2ban/persistent.bans | awk '/^fail2ban-<name>/ {print $2}' \
          | while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j <blocktype>; done
 
# Option:  actionstop
# Notes.:  command executed once at the end of Fail2Ban
# Values:  CMD
#
actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
             iptables -F fail2ban-<name>
             iptables -X fail2ban-<name>
 
# Option:  actioncheck
# Notes.:  command executed once before each actionban command
# Values:  CMD
#
actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
 
# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
        echo "fail2ban-<name> <ip>" >> /etc/fail2ban/persistent.bans

jail.local - bantime

# "bantime" is the number of seconds that a host is banned.
bantime = -1

jail.local - configure email addresses

# Destination email address used solely for the interpolations in
# jail.{conf,local,d/*} configuration files.
destemail = thewismit@localhost

# Sender email address used solely for some actions
sender = fail2ban@<fq-hostname>

jail.local - enable jails

# "enabled" enables the jails.
#  By default all jails are disabled, and it should stay this way.
#  Enable only relevant to your setup jails in your .local or jail.d/*.conf
#
# true:  jail will be enabled and log files will get monitored for changes
# false: jail is not enabled
enabled = true

logwatch.conf - in default.conf

#Output/Format Options
#By default Logwatch will print to stdout in text with no encoding.
#To make email Default set Output = mail to save to file set Output = file
Output = mail

# Default person to mail reports to.  Can be a local account or a
# complete email address.  Variable Output should be set to mail, or
# --output mail should be passed on command line to enable mail feature.
# MailTo = root
MailTo = <email_address>

# WHen using option --multiemail, it is possible to specify a different
# email recipient per host processed.  For example, to send the report
# for hostname host1 to user@example.com, use:
#Mailto_host1 = user@example.com
# Multiple recipients can be specified by separating them with a space.

# Default person to mail reports from.  Can be a local account or a
# complete email address.
MailFrom = <email_address>

# The default detail level for the report.
# This can either be Low, Med, High or a number.
# Low = 0
# Med = 5
# High = 10
Detail = High

logwatch.conf - in dist.conf

MailFrom = <email_address>

sendmail.mc - generics

FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl

sshd_config - AllowUsers

AllowUsers <user_account>

sshd_config - listen IPv4

# Port 22
AddressFamily inet

sshd_config - no pwd auth

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no

sshd_config - no root login

# Authentication:
...
PermitRootLogin no

submit.mc - masquerade

MASQUERADE_AS(`thewismit.com')dnl
FEATURE(`masquerade_envelope')dnl
MASQUERADE_DOMAIN(`thewismit.com')dnl

Ubuntu 18.04 Config

readme