1 # Fail2Ban configuration file
3 # Author: Cyril Jaquier
4 # Modified by Yaroslav Halchenko for multiport banning
11 # Notes.: command executed once at the start of Fail2Ban.
# Creates the per-jail chain fail2ban-<name>, ends it with a RETURN rule so
# traffic from addresses that are not banned goes back to <chain>, then
# inserts at the head of <chain> a jump that sends <protocol> packets for
# the destination ports in <port> through the per-jail chain.
# iptables only manages IPv4 rules; IPv6 traffic is not covered by this
# action.
# NOTE(review): "iptables -N" fails when the chain already exists, e.g. if a
# previous run ended without actionstop -- confirm how start-up errors are
# handled.
14 actionstart = iptables -N fail2ban-<name>
15 iptables -A fail2ban-<name> -j RETURN
16 iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
19 # Notes.: command executed once at the end of Fail2Ban
# Reverses actionstart: removes the jump from <chain>, flushes every rule
# (including all current bans) from fail2ban-<name>, then deletes the chain.
# The order matters: iptables refuses to delete a chain that is still
# referenced or still contains rules.
# After this runs, no address is blocked by this jail any more.
22 actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
23 iptables -F fail2ban-<name>
24 iptables -X fail2ban-<name>
27 # Notes.: command executed once before each actionban command
# Lists <chain> with numeric output and succeeds when the text
# fail2ban-<name> appears in it, i.e. when the jump added by actionstart is
# still present.
# NOTE(review): grep matches a substring, so the check also passes when only
# a longer chain name that contains fail2ban-<name> is referenced (for
# example a jail whose name starts with this jail's name). It does not
# inspect the contents of fail2ban-<name> itself.
30 actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
33 # Notes.: command executed when banning an IP. Take care that the
34 # command is executed with Fail2Ban user rights.
35 # Tags: <ip> IP address
36 # <failures> number of failures
37 # <time> unix timestamp of the ban time
# Inserts a rule at position 1 of fail2ban-<name> that silently drops
# packets whose source address is <ip>. Only <ip> is used here; <failures>
# and <time> are not referenced by this command.
# Because <chain> jumps to fail2ban-<name> only for <protocol> and the ports
# in <port> (see actionstart), the ban does not block the address on other
# ports or protocols.
# NOTE(review): tags are substituted into the command text before it is
# run -- confirm that only validated addresses can reach <ip>.
40 actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
43 # Notes.: command executed when unbanning an IP. Take care that the
44 # command is executed with Fail2Ban user rights.
45 # Tags: <ip> IP address
46 # <failures> number of failures
47 # <time> unix timestamp of the ban time
# Deletes the DROP rule for source <ip> from fail2ban-<name>, matching it by
# rule specification rather than by position.
# NOTE(review): "iptables -D" with a rule specification removes one matching
# rule per call; if the same address was inserted more than once, a copy
# would remain -- confirm duplicates cannot occur.
50 actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
54 # Default name of the chain
59 # Notes.: specifies port to monitor
60 # Values: [ NUM | STRING ] Default:
65 # Notes.: internally used by config reader for interpolations.
66 # Values: [ tcp | udp | icmp | all ] Default: tcp
71 # Notes.: specifies the iptables chain to which the fail2ban rules should be added
73 # Values: STRING Default: INPUT