CasperSecurity

Current Path : /etc/fail2ban/action.d/
Upload File :
Current File : //etc/fail2ban/action.d/iptables-xt_recent-echo.conf

# Fail2Ban configuration file
#
# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
#
# Modified: Alexander Koeppe <format_c@online.de>, Serg G. Brester <serg.brester@sebres.de>
#       made config file IPv6 capable

[INCLUDES]

before = iptables-common.conf

[Definition]

# Option:  actionstart
# Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
# Values:  CMD
#
# Changing iptables rules requires root privileges. If fail2ban is
# configured to run as root, firewall setup can be performed by
# fail2ban automatically. However, if fail2ban is configured to run as
# a normal user, the configuration must be done by some other means
# (e.g. using static firewall configuration with the
# iptables-persistent package).
# 
# Explanation of the rule below:
#    Check if any packets coming from an IP on the <iptname>
#    list have been seen in the last 3600 seconds. If yes, update the
#    timestamp for this IP and drop the packet. If not, let the packet
#    through.
#
#    Fail2ban inserts blacklisted hosts into the <iptname> list
#    and removes them from the list after some time, according to its
#    own rules. The 3600 second timeout is independent and acts as a
#    safeguard in case the fail2ban process dies unexpectedly. The
#    shorter of the two timeouts actually matters.
actionstart = if [ `id -u` -eq 0 ];then <iptables> -I <chain> -m recent --update --seconds 3600 --name <iptname> -j <blocktype>;fi

# Option:  actionflush
#
# [TODO] Flushing is currently not implemented for xt_recent
#
actionflush = 

# Option:  actionstop
# Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
# Values:  CMD
#
actionstop = echo / > /proc/net/xt_recent/<iptname>
             if [ `id -u` -eq 0 ];then <iptables> -D <chain> -m recent --update --seconds 3600 --name <iptname> -j <blocktype>;fi

# Option:  actioncheck
# Notes.:  command executed once before each actionban command
# Values:  CMD
#
actioncheck = test -e /proc/net/xt_recent/<iptname>

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = echo +<ip> > /proc/net/xt_recent/<iptname>

# Option:  actionunban
# Notes.:  command executed when unbanning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionunban = echo -<ip> > /proc/net/xt_recent/<iptname>

[Init]

iptname              = f2b-<name>

[Init?family=inet6]

iptname = f2b-<name>6
Hacker Blog, Shell İndir, Sql İnjection, XSS Attacks, LFI Attacks, Social Hacking, Exploit Bot, Proxy Tools, Web Shell, PHP Shell, Alfa Shell İndir, Hacking Training Set, DDoS Script, Denial Of Service, Botnet, RFI Attacks, Encryption
Telegram @BIBIL_0DAY