Fork of FusionPBX but with LDAP kinda working
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

143 lines
3.6 KiB

[ssh]
enabled = true
port = 22
protocol = ssh
filter = sshd
logpath = /var/log/auth.log
action = iptables-allports[name=sshd, protocol=all]
maxretry = 6
findtime = 60
bantime = 86400
[freeswitch]
enabled = false
port = 5060:5091
protocol = all
filter = freeswitch
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=freeswitch, protocol=all]
maxretry = 10
findtime = 60
bantime = 3600
# sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed
[freeswitch-acl]
enabled = false
port = 5060:5091
protocol = all
filter = freeswitch-acl
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=freeswitch-acl, protocol=all]
maxretry = 900
findtime = 60
bantime = 86400
[freeswitch-ip]
enabled = false
port = 5060:5091
protocol = all
filter = freeswitch-ip
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=freeswitch-ip, protocol=all]
maxretry = 1
findtime = 60
bantime = 86400
[auth-challenge-ip]
enabled = false
port = 5060:5091
protocol = all
filter = auth-challenge-ip
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=auth-challenge-ip, protocol=all]
maxretry = 1
findtime = 60
bantime = 86400
[sip-auth-challenge]
enabled = false
port = 5060:5091
protocol = all
filter = sip-auth-challenge
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=sip-auth-challenge, protocol=all]
maxretry = 100
findtime = 60
bantime = 7200
[sip-auth-failure]
enabled = false
port = 5060:5091
protocol = all
filter = sip-auth-failure
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=sip-auth-failure, protocol=all]
maxretry = 6
findtime = 60
bantime = 7200
[fusionpbx-404]
enabled = false
port = 5060:5091
protocol = all
filter = fusionpbx-404
logpath = /var/log/freeswitch/freeswitch.log
#logpath = /usr/local/freeswitch/log/freeswitch.log
action = iptables-allports[name=fusionpbx-404, protocol=all]
maxretry = 6
findtime = 60
bantime = 86400
[fusionpbx]
enabled = true
port = 80,443
protocol = tcp
filter = fusionpbx
logpath = /var/log/auth.log
action = iptables-allports[name=fusionpbx, protocol=all]
# sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 20
findtime = 60
bantime = 3600
[fusionpbx-mac]
enabled = true
port = 80,443
protocol = tcp
filter = fusionpbx-mac
logpath = /var/log/syslog
action = iptables-allports[name=fusionpbx-mac, protocol=all]
# sendmail-whois[name=fusionpbx-mac, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 10
findtime = 60
bantime = 86400
[nginx-404]
enabled = true
port = 80,443
protocol = tcp
filter = nginx-404
logpath = /var/log/nginx/access*.log
action = iptables-allports[name=nginx-404, protocol=all]
bantime = 3600
findtime = 60
maxretry = 300
[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 300 pages in 60 seconds, or 5p/s average, is suspicious)
enabled = true
port = 80,443
protocol = tcp
filter = nginx-dos
logpath = /var/log/nginx/access*.log
action = iptables-allports[name=nginx-dos, protocol=all]
findtime = 60
bantime = 86400
maxretry = 800