crt
/
fusionpbx-ldap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Fork of FusionPBX but with LDAP kinda working
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
28 MiB
Tree: fc4fa7a8fb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fc4fa7a8fb'
${ noResults }
fusionpbx-ldap/Install_Scripts/debian/resources/fail2ban/jail.local

143 lines
3.6 KiB
Raw Normal View History

copied over install scripts to adapt
2 years ago
  1. [ssh]
  2. enabled = true
  3. port = 22
  4. protocol = ssh
  5. filter = sshd
  6. logpath = /var/log/auth.log
  7. action = iptables-allports[name=sshd, protocol=all]
  8. maxretry = 6
  9. findtime = 60
  10. bantime = 86400
  12. [freeswitch]
  13. enabled = false
  14. port = 5060:5091
  15. protocol = all
  16. filter = freeswitch
  17. logpath = /var/log/freeswitch/freeswitch.log
  18. #logpath = /usr/local/freeswitch/log/freeswitch.log
  19. action = iptables-allports[name=freeswitch, protocol=all]
  20. maxretry = 10
  21. findtime = 60
  22. bantime = 3600
  23. # sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed
  25. [freeswitch-acl]
  26. enabled = false
  27. port = 5060:5091
  28. protocol = all
  29. filter = freeswitch-acl
  30. logpath = /var/log/freeswitch/freeswitch.log
  31. #logpath = /usr/local/freeswitch/log/freeswitch.log
  32. action = iptables-allports[name=freeswitch-acl, protocol=all]
  33. maxretry = 900
  34. findtime = 60
  35. bantime = 86400
  37. [freeswitch-ip]
  38. enabled = false
  39. port = 5060:5091
  40. protocol = all
  41. filter = freeswitch-ip
  42. logpath = /var/log/freeswitch/freeswitch.log
  43. #logpath = /usr/local/freeswitch/log/freeswitch.log
  44. action = iptables-allports[name=freeswitch-ip, protocol=all]
  45. maxretry = 1
  46. findtime = 60
  47. bantime = 86400
  49. [auth-challenge-ip]
  50. enabled = false
  51. port = 5060:5091
  52. protocol = all
  53. filter = auth-challenge-ip
  54. logpath = /var/log/freeswitch/freeswitch.log
  55. #logpath = /usr/local/freeswitch/log/freeswitch.log
  56. action = iptables-allports[name=auth-challenge-ip, protocol=all]
  57. maxretry = 1
  58. findtime = 60
  59. bantime = 86400
  61. [sip-auth-challenge]
  62. enabled = false
  63. port = 5060:5091
  64. protocol = all
  65. filter = sip-auth-challenge
  66. logpath = /var/log/freeswitch/freeswitch.log
  67. #logpath = /usr/local/freeswitch/log/freeswitch.log
  68. action = iptables-allports[name=sip-auth-challenge, protocol=all]
  69. maxretry = 100
  70. findtime = 60
  71. bantime = 7200
  73. [sip-auth-failure]
  74. enabled = false
  75. port = 5060:5091
  76. protocol = all
  77. filter = sip-auth-failure
  78. logpath = /var/log/freeswitch/freeswitch.log
  79. #logpath = /usr/local/freeswitch/log/freeswitch.log
  80. action = iptables-allports[name=sip-auth-failure, protocol=all]
  81. maxretry = 6
  82. findtime = 60
  83. bantime = 7200
  85. [fusionpbx-404]
  86. enabled = false
  87. port = 5060:5091
  88. protocol = all
  89. filter = fusionpbx-404
  90. logpath = /var/log/freeswitch/freeswitch.log
  91. #logpath = /usr/local/freeswitch/log/freeswitch.log
  92. action = iptables-allports[name=fusionpbx-404, protocol=all]
  93. maxretry = 6
  94. findtime = 60
  95. bantime = 86400
  97. [fusionpbx]
  98. enabled = true
  99. port = 80,443
  100. protocol = tcp
  101. filter = fusionpbx
  102. logpath = /var/log/auth.log
  103. action = iptables-allports[name=fusionpbx, protocol=all]
  104. # sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
  105. maxretry = 20
  106. findtime = 60
  107. bantime = 3600
  109. [fusionpbx-mac]
  110. enabled = true
  111. port = 80,443
  112. protocol = tcp
  113. filter = fusionpbx-mac
  114. logpath = /var/log/syslog
  115. action = iptables-allports[name=fusionpbx-mac, protocol=all]
  116. # sendmail-whois[name=fusionpbx-mac, dest=root, sender=fail2ban@example.org] #no smtp server installed
  117. maxretry = 10
  118. findtime = 60
  119. bantime = 86400
  121. [nginx-404]
  122. enabled = true
  123. port = 80,443
  124. protocol = tcp
  125. filter = nginx-404
  126. logpath = /var/log/nginx/access*.log
  127. action = iptables-allports[name=nginx-404, protocol=all]
  128. bantime = 3600
  129. findtime = 60
  130. maxretry = 300
  132. [nginx-dos]
  133. # Based on apache-badbots but a simple IP check (any IP requesting more than
  134. # 300 pages in 60 seconds, or 5p/s average, is suspicious)
  135. enabled = true
  136. port = 80,443
  137. protocol = tcp
  138. filter = nginx-dos
  139. logpath = /var/log/nginx/access*.log
  140. action = iptables-allports[name=nginx-dos, protocol=all]
  141. findtime = 60
  142. bantime = 86400
  143. maxretry = 800