jail.local 3.3 KB

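  # SSH brute-force jail: 5 matches of the sshd filter within 2 h ban the
  # source address for 24 h. Add trusted admin addresses to ignoreip so a
  # mistyped password cannot lock operators out.
  [ssh]
  enabled = true
  filter = sshd
  # Needs a syslog daemon that writes auth.log. On journal-only hosts the file
  # may be missing and the jail will not start - confirm, or use
  # backend = systemd instead.
  logpath = /var/log/auth.log
  port = 22
  # Was "ssh", which is not a network protocol name; SSH runs over TCP.
  protocol = tcp
  # iptables-allports blocks the banned address on every port, so the port and
  # protocol keys above do not narrow the ban.
  action = iptables-allports[name=sshd, protocol=all]
  maxretry = 5
  # seconds (2 h)
  findtime = 7200
  # seconds (24 h)
  bantime = 86400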
  # FreeSWITCH jail: 5 matches of the freeswitch filter within 10 min ban the
  # source for 1 h. The filter definition itself is not part of this file.
  [freeswitch]
  enabled = true
  filter = freeswitch
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=freeswitch, protocol=all]
  # Mail notification is left out because no SMTP server is installed:
  #   sendmail-whois[name=FreeSwitch, dest=root, sender=<address obfuscated on this page>]
  maxretry = 5
  # seconds (10 min)
  findtime = 600
  # seconds (1 h)
  bantime = 3600
  # Disabled jail. If enabled, a single match of the freeswitch-ip filter
  # inside 30 s bans the source for 24 h; with a threshold of 1, put trusted
  # trunks and phones in ignoreip first.
  [freeswitch-ip]
  enabled = false
  filter = freeswitch-ip
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=freeswitch-ip, protocol=all]
  maxretry = 1
  # seconds
  findtime = 30
  # seconds (24 h)
  bantime = 86400
  # Disabled jail. If enabled, a single match of the auth-challenge-ip filter
  # inside 30 s bans the source for 24 h; with a threshold of 1, put trusted
  # trunks and phones in ignoreip first.
  [auth-challenge-ip]
  enabled = false
  filter = auth-challenge-ip
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=auth-challenge-ip, protocol=all]
  maxretry = 1
  # seconds
  findtime = 30
  # seconds (24 h)
  bantime = 86400
  # SIP auth-challenge jail: 50 matches within 30 s ban the source for 2 h.
  # The threshold is far higher than the auth-failure jail's; presumably
  # because challenges are a normal step of SIP digest authentication - verify
  # against the filter, which is not part of this file.
  [sip-auth-challenge]
  enabled = true
  filter = sip-auth-challenge
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=sip-auth-challenge, protocol=all]
  maxretry = 50
  # seconds
  findtime = 30
  # seconds (2 h)
  bantime = 7200
  # SIP auth-failure jail: 3 matches within 30 s ban the source for 2 h.
  # A misconfigured phone retrying a stale password can trip this quickly;
  # keep known endpoints in ignoreip if that is a concern.
  [sip-auth-failure]
  enabled = true
  filter = sip-auth-failure
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=sip-auth-failure, protocol=all]
  maxretry = 3
  # seconds
  findtime = 30
  # seconds (2 h)
  bantime = 7200
  # fusionpbx-404 jail: 3 matches within 5 min ban the source for 24 h.
  # It reads the FreeSWITCH log rather than a web log; what exactly counts as
  # a match is defined by the filter, which is not part of this file.
  [fusionpbx-404]
  enabled = true
  filter = fusionpbx-404
  # Alternative location (looks like a source-build prefix - confirm):
  #   /usr/local/freeswitch/log/freeswitch.log
  logpath = /var/log/freeswitch/freeswitch.log
  # SIP port range; informational here because the action blocks all ports.
  port = 5060:5091
  protocol = all
  action = iptables-allports[name=fusionpbx-404, protocol=all]
  maxretry = 3
  # seconds (5 min)
  findtime = 300
  # seconds (24 h)
  bantime = 86400
  # FusionPBX jail: 10 matches of the fusionpbx filter in auth.log within
  # 10 min ban the source for 1 h (presumably failed web logins - confirm
  # against the filter).
  [fusionpbx]
  enabled = true
  filter = fusionpbx
  logpath = /var/log/auth.log
  # Web ports; informational here because the action blocks all ports, so a
  # ban triggered on the web UI also cuts the address off from SIP and SSH.
  port = 80,443
  protocol = tcp
  action = iptables-allports[name=fusionpbx, protocol=all]
  # Mail notification is left out because no SMTP server is installed:
  #   sendmail-whois[name=fusionpbx, dest=root, sender=<address obfuscated on this page>]
  maxretry = 10
  # seconds (10 min)
  findtime = 600
  # seconds (1 h)
  bantime = 3600
  # fusionpbx-mac jail: 5 matches of the fusionpbx-mac filter in syslog within
  # 5 min ban the source for 24 h (the name suggests MAC-address based
  # provisioning requests - confirm against the filter).
  [fusionpbx-mac]
  enabled = true
  filter = fusionpbx-mac
  logpath = /var/log/syslog
  # Web ports; informational here because the action blocks all ports.
  port = 80,443
  protocol = tcp
  action = iptables-allports[name=fusionpbx-mac, protocol=all]
  # Mail notification is left out because no SMTP server is installed:
  #   sendmail-whois[name=fusionpbx-mac, dest=root, sender=<address obfuscated on this page>]
  maxretry = 5
  # seconds (5 min)
  findtime = 300
  # seconds (24 h)
  bantime = 86400
  # nginx-404 jail: 120 matches within 60 s ban the source for 1 h.
  # Several users behind one NAT or proxy address are counted together; if
  # nginx sits behind a proxy, make sure the access log records the real
  # client address.
  [nginx-404]
  enabled = true
  filter = nginx-404
  # Glob: every access log that matches is watched.
  logpath = /var/log/nginx/access*.log
  # Web ports; informational here because the action blocks all ports.
  port = 80,443
  protocol = tcp
  action = iptables-allports[name=nginx-404, protocol=all]
  maxretry = 120
  # seconds
  findtime = 60
  # seconds (1 h)
  bantime = 3600
  # Disabled request-rate jail, modelled on apache-badbots but reduced to a
  # plain per-address count: more than 240 requests in 60 seconds (4 per
  # second on average) is treated as suspicious and banned for 24 h.
  # Addresses shared by many users (NAT, proxies) can reach this rate
  # legitimately; list them in ignoreip before enabling.
  [nginx-dos]
  enabled = false
  filter = nginx-dos
  # Glob: every access log that matches is watched.
  logpath = /var/log/nginx/access*.log
  # Web ports; informational here because the action blocks all ports.
  port = 80,443
  protocol = tcp
  action = iptables-allports[name=nginx-dos, protocol=all]
  maxretry = 240
  # seconds
  findtime = 60
  # seconds (24 h)
  bantime = 86400