"Fossies" - the Fresh Open Source Software Archive

Member "aif-2.1.1/etc/arno-iptables-firewall/plugins/adaptive-ban.conf" (16 Sep 2020, 1916 Bytes) of package /linux/privat/aif-2.1.1.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Generic config files source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 # ------------------------------------------------------------------------------
    2 #           -= Arno's Iptables Firewall(AIF) - Adaptive Ban plugin =-
    3 # ------------------------------------------------------------------------------
    4 
    5 # To actually enable this plugin make ENABLED=1:
    6 # ------------------------------------------------------------------------------
    7 ENABLED=0
    8 
    9 # Log file where failed access attempts are derived
   10 # ------------------------------------------------------------------------------
   11 ADAPTIVE_BAN_FILE="/var/log/messages"
   12 
   13 # The time in minutes between each iteration of analyzing the log file
   14 # ------------------------------------------------------------------------------
   15 ADAPTIVE_BAN_TIME=2
   16 
   17 # The number of log failures to ban host
   18 # ------------------------------------------------------------------------------
   19 ADAPTIVE_BAN_COUNT=6
   20 
   21 # A list of analysis types that are applied
   22 # Choose from: sshd asterisk lighttpd mini_httpd pptpd
   23 # ------------------------------------------------------------------------------
   24 ADAPTIVE_BAN_TYPES="sshd asterisk"
   25 
   26 # By default, inbound packets from banned IP addresses will be silently DROP'ed
   27 # As an option, the packets can be REJECT'ed instead of being DROP'ed
   28 # Define ADAPTIVE_BAN_REJECT=1 for an ICMP error message to be returned
   29 # ------------------------------------------------------------------------------
   30 ADAPTIVE_BAN_REJECT=0
   31 
   32 # Bt default, INTERNAL (LAN) networks will be whitelisted against banning
   33 # As an option, this automatic whitelisting can be disabled
   34 # Define ADAPTIVE_BAN_WHITELIST_INTERNAL=0 to disable INTERNAL whitelisting
   35 # ------------------------------------------------------------------------------
   36 ADAPTIVE_BAN_WHITELIST_INTERNAL=1
   37 
   38 # Whitelist Hosts
   39 # A list of IP addresses whose traffic will never be banned
   40 # ------------------------------------------------------------------------------
   41 ADAPTIVE_BAN_WHITELIST=""