X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=etc%2Ffail2ban%2Faction.d%2Fiptables-multiport.conf;h=f0aebbac6000f548bde9c9e638d3da29ced0bc6a;hb=2f8315532658e5ad1acea72b357a5dc4878a4a93;hp=84c7d533a84fd22b2dfc0ff016a24f7576bd0f35;hpb=a31720f9f2b8f7e92d5e265bbe728e2756a7b7f6;p=matthijs%2Fservers%2Fdrsnuggles.git

diff --git a/etc/fail2ban/action.d/iptables-multiport.conf b/etc/fail2ban/action.d/iptables-multiport.conf
index 84c7d53..f0aebba 100644
--- a/etc/fail2ban/action.d/iptables-multiport.conf
+++ b/etc/fail2ban/action.d/iptables-multiport.conf
@@ -13,13 +13,13 @@
 #
 actionstart = iptables -N fail2ban-<name>
               iptables -A fail2ban-<name> -j RETURN
-              iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+              iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
 
 # Option:  actionstop
 # Notes.:  command executed once at the end of Fail2Ban
 # Values:  CMD
 #
-actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
              iptables -F fail2ban-<name>
              iptables -X fail2ban-<name>
 
@@ -27,7 +27,7 @@ actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -j fai
 # Notes.:  command executed once before each actionban command
 # Values:  CMD
 #
-actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
+actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
 
 # Option:  actionban
 # Notes.:  command executed when banning an IP. Take care that the
@@ -67,3 +67,8 @@ port = ssh
 #
 protocol = tcp
 
+# Option:  chain
+# Notes    specifies the iptables chain to which the fail2ban rules should be
+#          added
+# Values:  STRING  Default: INPUT
+chain = INPUT