[freeswitch-udp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 5
findtime = 600
bantime  = 600
#          sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed

[freeswitch-tcp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 5
findtime = 600
bantime  = 600
#          sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed

[freeswitch-ip-tcp]
enabled  = false
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-ip
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-ip-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 1
findtime = 30
bantime  = 86400

[freeswitch-ip-udp]
enabled  = false
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-ip
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-ip-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 1
findtime = 30
bantime  = 86400

[freeswitch-dos-udp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-dos
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-dos-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 50
findtime = 30
bantime  = 6000

[freeswitch-dos-tcp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-dos
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-multiport[name=freeswitch-dos-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 50
findtime = 30
bantime  = 6000

[freeswitch-404]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-404
logpath  = /var/log/freeswitch/freeswitch.log
action   = iptables-allports[name=freeswitch-404, protocol=all]
maxretry = 3
findtime = 300
bantime  = 86400

[fusionpbx]
enabled  = true
port     = 80,443
protocol = tcp
filter   = fusionpbx
logpath  = /var/log/auth.log
action   = iptables-multiport[name=fusionpbx, port="http,https", protocol=tcp]
#          sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 10
findtime = 600
bantime  = 600

[fusionpbx-invalid-mac]
enabled  = true
port     = 80,443
protocol = tcp
filter   = fusionpbx-invalid-mac
logpath  = /var/log/syslog
action   = iptables-multiport[name=fusionpbx, port="http,https", protocol=tcp]
#          sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 3
findtime = 600
bantime  = -1

[nginx-404]
enabled  = true
port     = 80,443
protocol = tcp
filter   = nginx-404
logpath  = /var/log/nginx/access*.log
bantime  = 600
findtime = 60
maxretry = 120

[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 240 pages in 60 seconds, or 4p/s average, is suspicious)
enabled  = true
port     = 80,443
protocol = tcp
filter   = nginx-dos
logpath  = /var/log/nginx/access*.log
findtime = 60
bantime  = -1
maxretry = 240