Added fail2ban, though not sure its configured correctly yet

docker/rootfs/fail2ban/action.d/iptables-xt_recent-echo.conf

@@ -0,0 +1,88 @@
+## Version 2022/08/06
+# Fail2Ban configuration file
+#
+# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
+#
+# Modified: Alexander Koeppe <format_c@online.de>, Serg G. Brester <serg.brester@sebres.de>
+#       made config file IPv6 capable
+
+[INCLUDES]
+
+before = iptables.conf
+
+[Definition]
+
+_ipt_chain_rule = -m recent --update --seconds 3600 --name <iptname> -j <blocktype>
+_ipt_for_proto-iter =
+_ipt_for_proto-done =
+
+# Option:  actionstart
+# Notes.:  command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
+# Values:  CMD
+#
+# Changing iptables rules requires root privileges. If fail2ban is
+# configured to run as root, firewall setup can be performed by
+# fail2ban automatically. However, if fail2ban is configured to run as
+# a normal user, the configuration must be done by some other means
+# (e.g. using static firewall configuration with the
+# iptables-persistent package).
+# 
+# Explanation of the rule below:
+#    Check if any packets coming from an IP on the <iptname>
+#    list have been seen in the last 3600 seconds. If yes, update the
+#    timestamp for this IP and drop the packet. If not, let the packet
+#    through.
+#
+#    Fail2ban inserts blacklisted hosts into the <iptname> list
+#    and removes them from the list after some time, according to its
+#    own rules. The 3600 second timeout is independent and acts as a
+#    safeguard in case the fail2ban process dies unexpectedly. The
+#    shorter of the two timeouts actually matters.
+actionstart = if [ `id -u` -eq 0 ];then
+              { %(_ipt_check_rule)s >/dev/null 2>&1; } || { <iptables> -I <chain> %(_ipt_chain_rule)s; }
+              fi
+
+# Option:  actionflush
+#
+# [TODO] Flushing is currently not implemented for xt_recent
+#
+actionflush = 
+
+# Option:  actionstop
+# Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
+# Values:  CMD
+#
+actionstop = echo / > /proc/net/xt_recent/<iptname>
+             if [ `id -u` -eq 0 ];then
+             <iptables> -D <chain> %(_ipt_chain_rule)s;
+             fi
+
+# Option:  actioncheck
+# Notes.:  command executed as invariant check (error by ban)
+# Values:  CMD
+#
+actioncheck = { <iptables> -C <chain> %(_ipt_chain_rule)s; } && test -e /proc/net/xt_recent/<iptname>
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    See jail.conf(5) man page
+# Values:  CMD
+#
+actionban = echo +<ip> > /proc/net/xt_recent/<iptname>
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    See jail.conf(5) man page
+# Values:  CMD
+#
+actionunban = echo -<ip> > /proc/net/xt_recent/<iptname>
+
+[Init]
+
+iptname = f2b-<name>
+
+[Init?family=inet6]
+
+iptname = f2b-<name>6