# Fail2Ban configuration file # # Author: Cyril Jaquier # # [INCLUDES] before = sendmail-common.conf mail-whois-common.conf helpers-common.conf [Definition] # bypass ban/unban for restored tickets norestored = 1 # Option: actionban # Notes.: command executed when banning an IP. Take care that the # command is executed with Fail2Ban user rights. # Tags: See jail.conf(5) man page # Values: CMD # actionban = ( printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from <fq-hostname> Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"` From: <sendername> <<sender>> To: <dest>\n Hi,\n The IP <ip> has just been banned by Fail2Ban after <failures> attempts against <name>.\n\n Here is more information about <ip> :\n" %(_whois_command)s; printf %%b "\nLines containing failures of <ip> (max <grepmax>)\n"; %(_grep_logs)s; printf %%b "\n Regards,\n Fail2Ban" ) | <mailcmd> [Init] # Default name of the chain # name = default # Path to the log files which contain relevant lines for the abuser IP # logpath = /dev/null # Number of log lines to include in the email # #grepmax = 1000 #grepopts = -m <grepmax>