__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
# Fail2Ban configuration file
#
# Author: Daniel Black
# Author: Cyril Jaquier
# Modified: Yaroslav O. Halchenko <debian@onerussian.com>
# made active on all ports from original iptables.conf
# Modified: Alexander Belykh <albel727@ngs.ru>
# adapted for nftables
#
# This is a included configuration file and includes the definitions for the nftables
# used in all nftables based actions by default.
#
# The user can override the defaults in nftables-common.local
# Example: redirect flow to honeypot
#
# [Init]
# table_family = ip
# chain_type = nat
# chain_hook = prerouting
# chain_priority = -50
# blocktype = counter redirect to 2222
[INCLUDES]
after = nftables-common.local
[Definition]
# Option: type
# Notes.: type of the action.
# Values: [ multiport | allports ] Default: multiport
#
type = multiport
rule_match-custom =
rule_match-allports = meta l4proto \{ <protocol> \}
rule_match-multiport = $proto dport \{ $(echo '<port>' | sed s/:/-/g) \}
match = <rule_match-<type>>
# Option: rule_stat
# Notes.: statement for nftables filter rule.
# leaving it empty will block all (include udp and icmp)
# Values: nftables statement
#
rule_stat = %(match)s <addr_family> saddr @<addr_set> <blocktype>
# optional interator over protocol's:
_nft_for_proto-custom-iter =
_nft_for_proto-custom-done =
_nft_for_proto-allports-iter =
_nft_for_proto-allports-done =
_nft_for_proto-multiport-iter = for proto in $(echo '<protocol>' | sed 's/,/ /g'); do
_nft_for_proto-multiport-done = done
_nft_list = <nftables> -a list chain <table_family> <table> <chain>
_nft_get_handle_id = grep -oP '@<addr_set>\s+.*\s+\Khandle\s+(\d+)$'
_nft_add_set = <nftables> add set <table_family> <table> <addr_set> \{ type <addr_type>\; \}
<_nft_for_proto-<type>-iter>
<nftables> add rule <table_family> <table> <chain> %(rule_stat)s
<_nft_for_proto-<type>-done>
_nft_del_set = { %(_nft_list)s | %(_nft_get_handle_id)s; } | while read -r hdl; do
<nftables> delete rule <table_family> <table> <chain> $hdl; done
<nftables> delete set <table_family> <table> <addr_set>
# Option: _nft_shutdown_table
# Notes.: command executed after the stop in order to delete table (it checks that no sets are available):
# Values: CMD
#
_nft_shutdown_table = { <nftables> list table <table_family> <table> | grep -qP '^\s+set\s+'; } || {
<nftables> delete table <table_family> <table>
}
# Option: actionstart
# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
# Values: CMD
#
actionstart = <nftables> add table <table_family> <table>
<nftables> -- add chain <table_family> <table> <chain> \{ type <chain_type> hook <chain_hook> priority <chain_priority> \; \}
%(_nft_add_set)s
# Option: actionflush
# Notes.: command executed once to flush IPS, by shutdown (resp. by stop of the jail or this action);
# uses `nft flush set ...` and as fallback (e. g. unsupported) recreates the set (with references)
# Values: CMD
#
actionflush = { <nftables> flush set <table_family> <table> <addr_set> 2> /dev/null; } || {
%(_nft_del_set)s
%(_nft_add_set)s
}
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
# Values: CMD
#
actionstop = %(_nft_del_set)s
<_nft_shutdown_table>
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck = <nftables> list chain <table_family> <table> <chain> | grep -q '@<addr_set>[ \t]'
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = <nftables> add element <table_family> <table> <addr_set> \{ <ip> \}
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionunban = <nftables> delete element <table_family> <table> <addr_set> \{ <ip> \}
[Init]
# Option: table
# Notes.: main table to store chain and sets (automatically created on demand)
# Values: STRING Default: f2b-table
table = f2b-table
# Option: table_family
# Notes.: address family to work in
# Values: [ip | ip6 | inet] Default: inet
table_family = inet
# Option: chain
# Notes.: main chain to store rules
# Values: STRING Default: f2b-chain
chain = f2b-chain
# Option: chain_type
# Notes.: refers to the kind of chain to be created
# Values: [filter | route | nat] Default: filter
#
chain_type = filter
# Option: chain_hook
# Notes.: refers to the kind of chain to be created
# Values: [ prerouting | input | forward | output | postrouting ] Default: input
#
chain_hook = input
# Option: chain_priority
# Notes.: priority in the chain.
# Values: NUMBER Default: -1
#
chain_priority = -1
# Option: addr_type
# Notes.: address type to work with
# Values: [ipv4_addr | ipv6_addr] Default: ipv4_addr
#
addr_type = ipv4_addr
# Default name of the filtering set
#
name = default
# Option: port
# Notes.: specifies port to monitor
# Values: [ NUM | STRING ] Default:
#
port = ssh
# Option: protocol
# Notes.: internally used by config reader for interpolations.
# Values: [ tcp | udp ] Default: tcp
#
protocol = tcp
# Option: blocktype
# Note: This is what the action does with rules. This can be any jump target
# as per the nftables man page (section 8). Common values are drop,
# reject, reject with icmpx type host-unreachable, redirect to 2222
# Values: STRING
blocktype = reject
# Option: nftables
# Notes.: Actual command to be executed, including common to all calls options
# Values: STRING
nftables = nft
# Option: addr_set
# Notes.: The name of the nft set used to store banned addresses
# Values: STRING
addr_set = addr-set-<name>
# Option: addr_family
# Notes.: The family of the banned addresses
# Values: [ ip | ip6 ]
addr_family = ip
[Init?family=inet6]
addr_family = ip6
addr_type = ipv6_addr
addr_set = addr6-set-<name>
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| abuseipdb.conf | File | 3.66 KB | 0644 |
|
| apf.conf | File | 587 B | 0644 |
|
| apprise.conf | File | 1.38 KB | 0644 |
|
| blocklist_de.conf | File | 2.65 KB | 0644 |
|
| bsd-ipfw.conf | File | 3.15 KB | 0644 |
|
| cloudflare-token.conf | File | 2.93 KB | 0644 |
|
| cloudflare.conf | File | 2.97 KB | 0644 |
|
| complain.conf | File | 4.66 KB | 0644 |
|
| dshield.conf | File | 7.5 KB | 0644 |
|
| dummy.conf | File | 1.68 KB | 0644 |
|
| firewallcmd-allports.conf | File | 1.47 KB | 0644 |
|
| firewallcmd-common.conf | File | 2.59 KB | 0644 |
|
| firewallcmd-ipset.conf | File | 3.58 KB | 0644 |
|
| firewallcmd-multiport.conf | File | 1.24 KB | 0644 |
|
| firewallcmd-new.conf | File | 1.85 KB | 0644 |
|
| firewallcmd-rich-logging.conf | File | 1021 B | 0644 |
|
| firewallcmd-rich-rules.conf | File | 1.71 KB | 0644 |
|
| helpers-common.conf | File | 592 B | 0644 |
|
| hostsdeny.conf | File | 1.62 KB | 0644 |
|
| ipfilter.conf | File | 1.54 KB | 0644 |
|
| ipfw.conf | File | 1.47 KB | 0644 |
|
| iptables-allports.conf | File | 291 B | 0644 |
|
| iptables-ipset-proto4.conf | File | 1.93 KB | 0644 |
|
| iptables-ipset-proto6-allports.conf | File | 814 B | 0644 |
|
| iptables-ipset-proto6.conf | File | 773 B | 0644 |
|
| iptables-ipset.conf | File | 2.52 KB | 0644 |
|
| iptables-multiport-log.conf | File | 2.11 KB | 0644 |
|
| iptables-multiport.conf | File | 232 B | 0644 |
|
| iptables-new.conf | File | 332 B | 0644 |
|
| iptables-xt_recent-echo.conf | File | 2.78 KB | 0644 |
|
| iptables.conf | File | 4.68 KB | 0644 |
|
| ipthreat.conf | File | 4.19 KB | 0644 |
|
| mail-buffered.conf | File | 2.44 KB | 0644 |
|
| mail-whois-common.conf | File | 1.03 KB | 0644 |
|
| mail-whois-lines.conf | File | 2.4 KB | 0644 |
|
| mail-whois.conf | File | 1.85 KB | 0644 |
|
| mail.conf | File | 1.72 KB | 0644 |
|
| mynetwatchman.conf | File | 5.2 KB | 0644 |
|
| netscaler.conf | File | 1.46 KB | 0644 |
|
| nftables-allports.conf | File | 383 B | 0644 |
|
| nftables-multiport.conf | File | 384 B | 0644 |
|
| nftables.conf | File | 6.17 KB | 0644 |
|
| nginx-block-map.conf | File | 3.92 KB | 0644 |
|
| npf.conf | File | 1.49 KB | 0644 |
|
| nsupdate.conf | File | 3.16 KB | 0644 |
|
| osx-afctl.conf | File | 497 B | 0644 |
|
| osx-ipfw.conf | File | 2.25 KB | 0644 |
|
| pf.conf | File | 3.66 KB | 0644 |
|
| route.conf | File | 1023 B | 0644 |
|
| sendmail-buffered.conf | File | 2.74 KB | 0644 |
|
| sendmail-common.conf | File | 1.89 KB | 0644 |
|
| sendmail-geoip-lines.conf | File | 1.72 KB | 0644 |
|
| sendmail-whois-ipjailmatches.conf | File | 1.03 KB | 0644 |
|
| sendmail-whois-ipmatches.conf | File | 1.01 KB | 0644 |
|
| sendmail-whois-lines.conf | File | 1.27 KB | 0644 |
|
| sendmail-whois-matches.conf | File | 1000 B | 0644 |
|
| sendmail-whois.conf | File | 950 B | 0644 |
|
| sendmail.conf | File | 829 B | 0644 |
|
| shorewall-ipset-proto6.conf | File | 3.44 KB | 0644 |
|
| shorewall.conf | File | 2.11 KB | 0644 |
|
| smtp.py | File | 6.13 KB | 0644 |
|
| symbiosis-blacklist-allports.conf | File | 1.47 KB | 0644 |
|
| ufw.conf | File | 2.32 KB | 0644 |
|
| xarf-login-attack.conf | File | 6.29 KB | 0644 |
|