Current Path : /etc/fail2ban/action.d/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //etc/fail2ban/action.d/blocklist_de.conf |
# Fail2Ban configuration file # # Author: Steven Hiscocks # # # Action to report IP address to blocklist.de # Blocklist.de must be signed up to at www.blocklist.de # Once registered, one or more servers can be added. # This action requires the server 'email address' and the assoicate apikey. # # From blocklist.de: # www.blocklist.de is a free and voluntary service provided by a # Fraud/Abuse-specialist, whose servers are often attacked on SSH-, # Mail-Login-, FTP-, Webserver- and other services. # The mission is to report all attacks to the abuse deparments of the # infected PCs/servers to ensure that the responsible provider can inform # the customer about the infection and disable them # # IMPORTANT: # # Reporting an IP of abuse is a serious complaint. Make sure that it is # serious. Fail2ban developers and network owners recommend you only use this # action for: # * The recidive where the IP has been banned multiple times # * Where maxretry has been set quite high, beyond the normal user typing # password incorrectly. # * For filters that have a low likelyhood of receiving human errors # [Definition] # Option: actionstart # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # actionstart = # Option: actionstop # Notes.: command executed once at the end of Fail2Ban # Values: CMD # actionstop = # Option: actioncheck # Notes.: command executed once before each actionban command # Values: CMD # actioncheck = # Option: actionban # Notes.: command executed when banning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: See jail.conf(5) man page # Values: CMD # actionban = curl --fail --data-urlencode 'server=<email>' --data 'apikey=<apikey>' --data 'service=<service>' --data 'ip=<ip>' --data-urlencode 'logs=<matches>' --data 'format=text' --user-agent "fail2ban v0.8.12" "https://www.blocklist.de/en/httpreports.html" # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: See jail.conf(5) man page # Values: CMD # actionunban = [Init] # Option: email # Notes server email address, as per blocklise.de account # Values: STRING Default: None # #email = # Option: apikey # Notes your user blocklist.de user account apikey # Values: STRING Default: None # #apikey = # Option: service # Notes service name you are reporting on, typically aligns with filter name # see http://www.blocklist.de/en/httpreports.html for full list # Values: STRING Default: None # #service =