__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
# IPThreat configuration file
#
# Added to fail2ban by Jeff Johnson (jjxtra)
#
# Action to report IP address to ipthreat.net
#
# You must sign up to obtain an API key from ipthreat.net and request bulk report permissions
# https://ipthreat.net/integrations
#
# IPThreat is a 100% free site and service, all data is licensed under a creative commons by attribution license
# Please do not integrate if you do not agree to the license
#
# IMPORTANT:
#
# Reporting an IP is a serious action. Make sure that it is legit.
# Consider using this action only for:
# * IP that has been banned more than once
# * High max retry to avoid user mis-typing password
# * Filters that are unlikely to be human error
#
# Example:
# ```
# action = %(known/action)s
# ipthreat[]
# ```
#
# The action accepts the following arguments: ipthreat[ipthreat_flags="8",ipthreat_system="SSH", ipthreat_apikey=...]
# In most cases your action could be as simple as: ipthreat[], since the default flags and system are set to the most correct default values.
# You can optionally override ipthreat_system and ipthreat_flags if desired.
# The ipthreat_apikey must be set at the bottom of this configuration file.
#
# `ipthreat_system` is a short name of the system attacked, i.e. SSH, SMTP, MYSQL, PHP, etc.
#
# For `ipthreat_flags`, most cases will use 8 (BruteForce) which is the default, but you could use others.
# You can use the name or the ordinal.
# Multiple values are comma separated.
# ```
# Name Ordinal Description
# Dns 1 Abuse/attack of dns (domain name server)
# Fraud 2 General fraud, whether orders, misuse of payment info, etc
# DDos 4 Distributed denial of service attack, whether through http requests, large ping attack, etc
# BruteForce 8 Brute force login attack
# Proxy 16 IP is a proxy like TOR or other proxy server
# Spam 32 Email, comment or other type of spam
# Vpn 64 IP is part of a VPN
# Hacking 128 General hacking outside of brute force attack (includes vulnerability scans, sql injection, etc.). Use port scan flag instead if it's just probe on ports.
# BadBot 256 Bad bot that is not honoring robots.txt or just flooding with too many requests, etc
# Compromised 512 The ip has been taken over by malware or botnet
# Phishing 1024 The ip is involved in phishing or spoofing
# Iot 2048 The ip has targetted an iot (Internet of Things) device
# PortScan 4096 Port scan
# See https://ipthreat.net/bulkreportformat for more information
# ```
[Definition]
# bypass action for restored tickets
norestored = 1
# Option: actionstart
# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
# Values: CMD
#
actionstart =
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
# Values: CMD
#
actionstop =
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
#
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = curl -sSf "https://api.ipthreat.net/api/report" -X POST -H "Content-Type: application/json" -H "X-API-KEY: <ipthreat_apikey>" -d "{\"ip\":\"<ip>\",\"flags\":\"<ipthreat_flags>\",\"system\":\"<ipthreat_system>\",\"notes\":\"fail2ban\"}"
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionunban =
[Init]
# Option: ipthreat_apikey
# Notes Your API key from ipthreat.net
# Values: STRING Default: None
# Register for ipthreat [https://ipthreat.net], get api key and set below.
# You will need to set the flags and system in the action call in jail.conf
ipthreat_apikey =
# By default, the ipthreat system is the name of the fail2ban jail
ipthreat_system = <name>
# By default the ip threat flags is 8 (brute force), but you can override this per jail if desired
ipthreat_flags = 8| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| abuseipdb.conf | File | 3.66 KB | 0644 |
|
| apf.conf | File | 587 B | 0644 |
|
| apprise.conf | File | 1.38 KB | 0644 |
|
| blocklist_de.conf | File | 2.65 KB | 0644 |
|
| bsd-ipfw.conf | File | 3.15 KB | 0644 |
|
| cloudflare-token.conf | File | 2.93 KB | 0644 |
|
| cloudflare.conf | File | 2.97 KB | 0644 |
|
| complain.conf | File | 4.66 KB | 0644 |
|
| dshield.conf | File | 7.5 KB | 0644 |
|
| dummy.conf | File | 1.68 KB | 0644 |
|
| firewallcmd-allports.conf | File | 1.47 KB | 0644 |
|
| firewallcmd-common.conf | File | 2.59 KB | 0644 |
|
| firewallcmd-ipset.conf | File | 3.58 KB | 0644 |
|
| firewallcmd-multiport.conf | File | 1.24 KB | 0644 |
|
| firewallcmd-new.conf | File | 1.85 KB | 0644 |
|
| firewallcmd-rich-logging.conf | File | 1021 B | 0644 |
|
| firewallcmd-rich-rules.conf | File | 1.71 KB | 0644 |
|
| helpers-common.conf | File | 592 B | 0644 |
|
| hostsdeny.conf | File | 1.62 KB | 0644 |
|
| ipfilter.conf | File | 1.54 KB | 0644 |
|
| ipfw.conf | File | 1.47 KB | 0644 |
|
| iptables-allports.conf | File | 291 B | 0644 |
|
| iptables-ipset-proto4.conf | File | 1.93 KB | 0644 |
|
| iptables-ipset-proto6-allports.conf | File | 814 B | 0644 |
|
| iptables-ipset-proto6.conf | File | 773 B | 0644 |
|
| iptables-ipset.conf | File | 2.52 KB | 0644 |
|
| iptables-multiport-log.conf | File | 2.11 KB | 0644 |
|
| iptables-multiport.conf | File | 232 B | 0644 |
|
| iptables-new.conf | File | 332 B | 0644 |
|
| iptables-xt_recent-echo.conf | File | 2.78 KB | 0644 |
|
| iptables.conf | File | 4.68 KB | 0644 |
|
| ipthreat.conf | File | 4.19 KB | 0644 |
|
| mail-buffered.conf | File | 2.44 KB | 0644 |
|
| mail-whois-common.conf | File | 1.03 KB | 0644 |
|
| mail-whois-lines.conf | File | 2.4 KB | 0644 |
|
| mail-whois.conf | File | 1.85 KB | 0644 |
|
| mail.conf | File | 1.72 KB | 0644 |
|
| mynetwatchman.conf | File | 5.2 KB | 0644 |
|
| netscaler.conf | File | 1.46 KB | 0644 |
|
| nftables-allports.conf | File | 383 B | 0644 |
|
| nftables-multiport.conf | File | 384 B | 0644 |
|
| nftables.conf | File | 6.17 KB | 0644 |
|
| nginx-block-map.conf | File | 3.92 KB | 0644 |
|
| npf.conf | File | 1.49 KB | 0644 |
|
| nsupdate.conf | File | 3.16 KB | 0644 |
|
| osx-afctl.conf | File | 497 B | 0644 |
|
| osx-ipfw.conf | File | 2.25 KB | 0644 |
|
| pf.conf | File | 3.66 KB | 0644 |
|
| route.conf | File | 1023 B | 0644 |
|
| sendmail-buffered.conf | File | 2.74 KB | 0644 |
|
| sendmail-common.conf | File | 1.89 KB | 0644 |
|
| sendmail-geoip-lines.conf | File | 1.72 KB | 0644 |
|
| sendmail-whois-ipjailmatches.conf | File | 1.03 KB | 0644 |
|
| sendmail-whois-ipmatches.conf | File | 1.01 KB | 0644 |
|
| sendmail-whois-lines.conf | File | 1.27 KB | 0644 |
|
| sendmail-whois-matches.conf | File | 1000 B | 0644 |
|
| sendmail-whois.conf | File | 950 B | 0644 |
|
| sendmail.conf | File | 829 B | 0644 |
|
| shorewall-ipset-proto6.conf | File | 3.44 KB | 0644 |
|
| shorewall.conf | File | 2.11 KB | 0644 |
|
| smtp.py | File | 6.13 KB | 0644 |
|
| symbiosis-blacklist-allports.conf | File | 1.47 KB | 0644 |
|
| ufw.conf | File | 2.32 KB | 0644 |
|
| xarf-login-attack.conf | File | 6.29 KB | 0644 |
|