"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "config/action.d/firewallcmd-ipset.conf" between
fail2ban-0.10.5.tar.gz and fail2ban-0.11.1.tar.gz

About:

firewallcmd-ipset.conf  (fail2ban-0.10.5):firewallcmd-ipset.conf  (fail2ban-0.11.1)
skipping to change at line 21 skipping to change at line 21
# #
# If you are running on an older kernel you make need to patch in external # If you are running on an older kernel you make need to patch in external
# modules. # modules.
[INCLUDES] [INCLUDES]
before = firewallcmd-common.conf before = firewallcmd-common.conf
[Definition] [Definition]
actionstart = ipset create <ipmset> hash:ip timeout <bantime><familyopt> actionstart = ipset create <ipmset> hash:ip timeout <default-timeout><familyopt>
firewall-cmd --direct --add-rule <family> filter <chain> 0 <action type> -m set --match-set <ipmset> src -j <blocktype> firewall-cmd --direct --add-rule <family> filter <chain> 0 <action type> -m set --match-set <ipmset> src -j <blocktype>
actionflush = ipset flush <ipmset> actionflush = ipset flush <ipmset>
actionstop = firewall-cmd --direct --remove-rule <family> filter <chain> 0 <acti ontype> -m set --match-set <ipmset> src -j <blocktype> actionstop = firewall-cmd --direct --remove-rule <family> filter <chain> 0 <acti ontype> -m set --match-set <ipmset> src -j <blocktype>
<actionflush> <actionflush>
ipset destroy <ipmset> ipset destroy <ipmset>
actionban = ipset add <ipmset> <ip> timeout <bantime> -exist actionban = ipset add <ipmset> <ip> timeout <bantime> -exist
actionprolong = %(actionban)s
actionunban = ipset del <ipmset> <ip> -exist actionunban = ipset del <ipmset> <ip> -exist
[Init] [Init]
# Option: chain # Option: chain
# Notes specifies the iptables chain to which the fail2ban rules should be # Notes specifies the iptables chain to which the fail2ban rules should be
# added # added
# Values: [ STRING ] # Values: [ STRING ]
# #
chain = INPUT_direct chain = INPUT_direct
# Option: bantime # Option: default-timeout
# Notes: specifies the bantime in seconds (handled internally rather than by fa # Notes: specifies default timeout in seconds (handled default ipset timeout on
il2ban) ly)
# Values: [ NUM ] Default: 600 # Values: [ NUM ] Default: 600
bantime = 600 default-timeout = 600
# Option: actiontype # Option: actiontype
# Notes.: defines additions to the blocking rule # Notes.: defines additions to the blocking rule
# Values: leave empty to block all attempts from the host # Values: leave empty to block all attempts from the host
# Default: Value of the multiport # Default: Value of the multiport
actiontype = <multiport> actiontype = <multiport>
# Option: allports # Option: allports
# Notes.: default addition to block all ports # Notes.: default addition to block all ports
# Usage.: use in jail config: banaction = firewallcmd-ipset[actiontype=<allport s>] # Usage.: use in jail config: banaction = firewallcmd-ipset[actiontype=<allport s>]
 End of changes. 4 change blocks. 
5 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)