Commit b468c17a authored by Ruzal Gimazov's avatar Ruzal Gimazov

Modified rules

parent b8ff280d
......@@ -5,10 +5,15 @@ before = iptables-common.conf
# Notes.: create list blacklist at the start of Fail2Ban
# Value: CMD (eterban-switcher.py)
actionstart = ipset --create blacklist iphash
<iptables> -t nat -I PREROUTING -p tcp -m tcp --dport 80 -m set --match-set blacklist src -j REDIRECT --to-ports 4564
<iptables> -t nat -I PREROUTING -i brlocal -p tcp -m tcp --dport 80 -m set --match-set blacklist src -j DNAT --to-destination 91.232.225.67
<iptables> -I FORWARD -p tcp -m multiport ! --dport 80,443 -m set --match-set blacklist src -j REJECT
actionflush = ipset flush blacklist
actionstop = <iptables> -t nat -D PREROUTING -p tcp -m tcp --dport 80 -m set --match-set blacklist src -j REDIRECT --to-ports 4564
actionstop = <iptables> -t nat -D PREROUTING -i brlocal -p tcp -m tcp --dport 80 -m set --match-set blacklist src -j DNAT --to-destination 91.232.225.67
<iptables> -I FORWARD -p tcp -m multiport ! --dport 80,443 -m set --match-set blacklist src -j REJECT
<actionflush>
ipset destroy blacklist
actionban = ipset -A blacklist <ip>
actionunban = ipset -D blacklist <ip>
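Review bot: The FORWARD rule listed under `actionstop` (the line after the `-D PREROUTING ... DNAT` rule) uses `-I`, so stopping the action inserts a second REJECT rule instead of removing the one `actionstart` added. Assuming that line is on the new side (the +/- markers are lost on this page), it should read `<iptables> -D FORWARD -p tcp -m multiport ! --dport 80,443 -m set --match-set blacklist src -j REJECT`. While a FORWARD rule still references the set, the following `ipset destroy blacklist` will most likely fail with an in-use error, and each restart leaves another stale REJECT rule behind. Separately, the REJECT covers only TCP other than 80/443, so blacklisted sources can still forward UDP, ICMP and HTTPS. If that is intended, a `# Notes.:` line saying so would help, and the hard-coded `brlocal` and `91.232.225.67` would be easier to audit as `[Init]` parameters.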