diff --git a/debian/resources/fail2ban/jail.local b/debian/resources/fail2ban/jail.local index a55c918..d4273f1 100755 --- a/debian/resources/fail2ban/jail.local +++ b/debian/resources/fail2ban/jail.local @@ -1,74 +1,86 @@ +[ssh] +enabled = true +port = 5060-5090 +protocol = ssh +filter = sshd +logpath = /var/log/auth.log +action = iptables-allports[name=sshd, protocol=all] +maxretry = 5 +findtime = 7200 +bantime = 86400 + [freeswitch-udp] enabled = true -port = 5060,5061,5080,5081 +port = 5060-5090 +5080,5081 protocol = all filter = freeswitch logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp] +action = iptables-multiport[name=freeswitch-udp, port="5060-5090", protocol=udp] maxretry = 5 findtime = 600 -bantime = 600 +bantime = 3600 # sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed [freeswitch-tcp] enabled = true -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp] +action = iptables-multiport[name=freeswitch-tcp, port="5060-5090", protocol=tcp] maxretry = 5 findtime = 600 -bantime = 600 +bantime = 3600 # sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed [freeswitch-ip-tcp] enabled = false -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch-ip logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-ip-tcp, port="5060,5061,5080,5081", protocol=tcp] +action = iptables-multiport[name=freeswitch-ip-tcp, port="5060-5090", protocol=tcp] maxretry = 1 findtime = 30 bantime = 86400 [freeswitch-ip-udp] enabled = false -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch-ip logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-ip-udp, port="5060,5061,5080,5081", protocol=udp] +action = iptables-multiport[name=freeswitch-ip-udp, port="5060-5090", protocol=udp] maxretry = 1 findtime = 30 bantime = 86400 [freeswitch-dos-udp] enabled = true -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch-dos logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-dos-udp, port="5060,5061,5080,5081", protocol=udp] +action = iptables-multiport[name=freeswitch-dos-udp, port="5060-5090", protocol=udp] maxretry = 50 findtime = 30 bantime = 6000 [freeswitch-dos-tcp] enabled = true -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch-dos logpath = /var/log/freeswitch/freeswitch.log -action = iptables-multiport[name=freeswitch-dos-tcp, port="5060,5061,5080,5081", protocol=tcp] +action = iptables-multiport[name=freeswitch-dos-tcp, port="5060-5090", protocol=tcp] maxretry = 50 findtime = 30 -bantime = 6000 +bantime = 7200 [freeswitch-404] enabled = true -port = 5060,5061,5080,5081 +port = 5060-5090 protocol = all filter = freeswitch-404 logpath = /var/log/freeswitch/freeswitch.log @@ -87,7 +99,7 @@ action = iptables-multiport[name=fusionpbx, port="http,https", protocol=tcp] # sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed maxretry = 10 findtime = 600 -bantime = 600 +bantime = 3600 [fusionpbx-mac] enabled = true @@ -97,8 +109,8 @@ filter = fusionpbx-mac logpath = /var/log/syslog action = iptables-multiport[name=fusionpbx-mac, port="http,https", protocol=tcp] # sendmail-whois[name=fusionpbx-mac, dest=root, sender=fail2ban@example.org] #no smtp server installed -maxretry = 3 -findtime = 600 +maxretry = 5 +findtime = 300 bantime = -1 [nginx-404] @@ -107,7 +119,7 @@ port = 80,443 protocol = tcp filter = nginx-404 logpath = /var/log/nginx/access*.log -bantime = 600 +bantime = 3600 findtime = 60 maxretry = 120