[Fail2ban-commit] SF.net SVN: fail2ban:[724] branches/FAIL2BAN-0_8

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 724
          http://fail2ban.svn.sourceforge.net/fail2ban/?rev=724&view=rev
Author:   lostcontrol
Date:     2009-01-27 23:39:38 +0000 (Tue, 27 Jan 2009)

Log Message:
-----------
- Added NetBSD ipfilter (ipf command) action. Thanks to Ed Ravin. Tracker #2484115.

Modified Paths:
--------------
    branches/FAIL2BAN-0_8/ChangeLog
    branches/FAIL2BAN-0_8/MANIFEST

Added Paths:
-----------
    branches/FAIL2BAN-0_8/config/action.d/ipfilter.conf

Modified: branches/FAIL2BAN-0_8/ChangeLog
===================================================================

--- branches/FAIL2BAN-0_8/ChangeLog	2009-01-27 23:35:46 UTC (rev 723)
+++ branches/FAIL2BAN-0_8/ChangeLog	2009-01-27 23:39:38 UTC (rev 724)
@@ -29,6 +29,8 @@
   #1967610.
 - Improved SASL filter. Thanks to Loic Pefferkorn. Tracker
   #2310410.
+- Added NetBSD ipfilter (ipf command) action. Thanks to Ed
+  Ravin. Tracker #2484115.
 
 ver. 0.8.3 (2008/07/17) - stable
 ----------

Modified: branches/FAIL2BAN-0_8/MANIFEST
===================================================================
--- branches/FAIL2BAN-0_8/MANIFEST	2009-01-27 23:35:46 UTC (rev 723)
+++ branches/FAIL2BAN-0_8/MANIFEST	2009-01-27 23:39:38 UTC (rev 724)
@@ -83,6 +83,7 @@
 config/action.d/dshield.conf
 config/action.d/hostsdeny.conf
 config/action.d/ipfw.conf
+config/action.d/ipfilter.conf
 config/action.d/iptables.conf
 config/action.d/iptables-allports.conf
 config/action.d/iptables-multiport.conf

Added: branches/FAIL2BAN-0_8/config/action.d/ipfilter.conf
===================================================================
--- branches/FAIL2BAN-0_8/config/action.d/ipfilter.conf	                        (rev 0)
+++ branches/FAIL2BAN-0_8/config/action.d/ipfilter.conf	2009-01-27 23:39:38 UTC (rev 724)
@@ -0,0 +1,57 @@
+# Fail2Ban configuration file
+#
+# NetBSD ipfilter (ipf command) ban/unban
+#
+# Author: Ed Ravin <er...@pa...>
+#
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+# enable IPF if not already enabled
+actionstart = /sbin/ipf -E
+
+
+# Option:  actionstop
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+# don't disable IPF with "/sbin/ipf -D", there may be other filters in use
+actionstop = 
+
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = 
+
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = echo block in quick from <ip>/32 | /sbin/ipf -f -
+
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+# note -r option used to remove matching rule
+actionunban = echo block in quick from <ip>/32 | /sbin/ipf -r -f -
+
+[Init]
+


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


