mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2025-07-05 01:09:37 +00:00
Added fail2ban, though not sure its configured correctly yet
This commit is contained in:
60
docker/rootfs/fail2ban/action.d/sendmail-geoip-lines.conf
Normal file
60
docker/rootfs/fail2ban/action.d/sendmail-geoip-lines.conf
Normal file
@ -0,0 +1,60 @@
|
||||
## Version 2022/08/06
|
||||
# Fail2Ban configuration file
|
||||
#
|
||||
# Author: Viktor Szépe
|
||||
#
|
||||
#
|
||||
|
||||
[INCLUDES]
|
||||
|
||||
before = sendmail-common.conf
|
||||
helpers-common.conf
|
||||
|
||||
[Definition]
|
||||
|
||||
# bypass ban/unban for restored tickets
|
||||
norestored = 1
|
||||
|
||||
# Option: actionban
|
||||
# Notes.: Command executed when banning an IP. Take care that the
|
||||
# command is executed with Fail2Ban user rights.
|
||||
# You need to install geoiplookup and the GeoLite or GeoIP databases.
|
||||
# (geoip-bin and geoip-database in Debian)
|
||||
# The host command comes from bind9-host package.
|
||||
# Tags: See jail.conf(5) man page
|
||||
# Values: CMD
|
||||
#
|
||||
actionban = ( printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from <fq-hostname>
|
||||
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
|
||||
From: <sendername> <<sender>>
|
||||
To: <dest>\n
|
||||
Hi,\n
|
||||
The IP <ip> has just been banned by Fail2Ban after
|
||||
<failures> attempts against <name>.\n\n
|
||||
Here is more information about <ip> :\n
|
||||
http://bgp.he.net/ip/<ip>
|
||||
http://www.projecthoneypot.org/ip_<ip>
|
||||
http://whois.domaintools.com/<ip>\n\n
|
||||
Country:`geoiplookup -f /usr/share/GeoIP/GeoIP.dat "<ip>" | cut -d':' -f2-`
|
||||
AS:`geoiplookup -f /usr/share/GeoIP/GeoIPASNum.dat "<ip>" | cut -d':' -f2-`
|
||||
hostname: <ip-host>\n\n
|
||||
Lines containing failures of <ip> (max <grepmax>)\n";
|
||||
%(_grep_logs)s;
|
||||
printf %%b "\n
|
||||
Regards,\n
|
||||
Fail2Ban" ) | <mailcmd>
|
||||
|
||||
[Init]
|
||||
|
||||
# Default name of the chain
|
||||
#
|
||||
name = default
|
||||
|
||||
# Path to the log files which contain relevant lines for the abuser IP
|
||||
#
|
||||
logpath = /dev/null
|
||||
|
||||
# Number of log lines to include in the email
|
||||
#
|
||||
#grepmax = 1000
|
||||
#grepopts = -m <grepmax>
|
Reference in New Issue
Block a user