CasperSecurity

Current Path : /etc/fail2ban/action.d/
Upload File :
Current File : //etc/fail2ban/action.d/bsd-ipfw.conf

# Fail2Ban configuration file
#
# Author: Nick Munger
# Modified by: Ken Menzel
#              Daniel Black (start/stop)
#              Fabian Wenk (many ideas as per fail2ban users list)
#
# Ensure firewall_enable="YES" in the top of /etc/rc.conf
#

[Definition]

# Option:  actionstart
# Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
# Values:  CMD
#
actionstart = ipfw show | fgrep -c -m 1 -s 'table(<table>)' > /dev/null 2>&1 || (
    num=$(ipfw show | awk 'BEGIN { b = <lowest_rule_num> } { if ($1 == b) { b = $1 + 1 } } END { print b }');
    ipfw -q add "$num" <blocktype> <block> from table\(<table>\) to me <port>; echo "$num" > "<startstatefile>"
  )


# Option:  actionstop
# Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
# Values:  CMD
#
actionstop =  [ ! -f <startstatefile> ] || ( read num < "<startstatefile>" <br> ipfw -q delete $num <br> rm "<startstatefile>" )


# Option:  actioncheck
# Notes.:  command executed once before each actionban command
# Values:  CMD
#
actioncheck = 


# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
# requires an ipfw rule like "deny ip from table(1) to me"
actionban = e=`ipfw table <table> add <ip> 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XADD): File exists' ] || echo "$e" | grep -q "record already exists" || { echo "$e" 1>&2; exit $x; }


# Option:  actionunban
# Notes.:  command executed when unbanning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionunban = e=`ipfw table <table> delete <ip> 2>&1`; x=$?; [ $x -eq 0 -o "$e" = 'ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process' ] || echo "$e" | grep -q "record not found" || { echo "$e" 1>&2; exit $x; }

[Init]
# Option:  table
# Notes:   The ipfw table to use. If a ipfw rule using this table already exists,
#          this action will not create a ipfw rule to block it and the following
#          options will have no effect.
# Values:  NUM
table = 1

# Option:  port
# Notes.:  Specifies port to monitor. Blank indicate block all ports.
# Values:  [ NUM | STRING ]
#
port = 

# Option:  startstatefile
# Notes:   A file to indicate that the table rule that was added. Ensure it is unique per table.
# Values:  STRING
startstatefile = /var/run/fail2ban/ipfw-started-table_<table>

# Option: block
# Notes:  This is how much to block.
#         Can be "ip", "tcp", "udp" or various other options.
# Values: STRING
block = ip

# Option:  blocktype
# Notes.:  How to block the traffic. Use a action from man 5 ipfw
#          Common values: deny, unreach port, reset
#          ACTION defination at the top of man ipfw for allowed values.
# Values:  STRING
#
blocktype = unreach port

# Option:  lowest_rule_num
# Notes:   When fail2ban starts with action and there is no rule for the given table yet
#          then fail2ban will start looking for an empty slot starting with this rule number.
# Values:  NUM
lowest_rule_num = 111
Hacker Blog, Shell İndir, Sql İnjection, XSS Attacks, LFI Attacks, Social Hacking, Exploit Bot, Proxy Tools, Web Shell, PHP Shell, Alfa Shell İndir, Hacking Training Set, DDoS Script, Denial Of Service, Botnet, RFI Attacks, Encryption
Telegram @BIBIL_0DAY