On Fri, 23 Mar 2012 12:08:02 +1000 Paul Gear <p...@gear.dyndns.org> wrote:
> On 18/03/12 11:04, Mark wrote:
> > Hi,
> >
> > I realise that one can simply start fail2ban and then it will
> > insert its own ruleset before shorewall's ruleset. Are there
> > subscribers to this list having alternative (and probably better)
> > ways to use both fail2ban and shorewall?
>
> Here's what I do to prevent both incoming and outgoing traffic to
> hosts banned by fail2ban.
>
> /etc/fail2ban/action.d/shorewall.local:
>
> [Definition]
> actionstart =
> actionstop =
> actioncheck =
> actionban = shorewall drop <ip>
> actionunban = shorewall allow <ip>
>
> /etc/fail2ban/action.d/route.local:
>
> [Definition]
> actionstart =
> actionstop =
> actioncheck =
> actionban = ip route add unreachable <ip>
> actionunban = ip route del unreachable <ip>
>
> /etc/fail2ban/jail.local:
>
> ...
> [DEFAULT]
> banaction=shorewall
>           route
> ...
>
> Here's the full recipe (probably won't make much sense to non-puppet
> users):
>
> https://github.com/paulgear/puppet/tree/96e9efcdf31807c00065baebed0a8177a4cdeba8/modules/fail2ban
>
> Paul
>

That's great. Thanks, Paul!
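
Added example, not part of the original thread or of Paul's recipe: a single wrapper that applies both quoted actions (shorewall drop/allow plus the unreachable route), refuses anything that is not a plain IPv4 address, and tolerates a repeated ban or unban. The script name f2b-block and the RUN dry-run variable are hypothetical; it assumes IPv4-only bans.

```shell
#!/bin/sh
# f2b-block (hypothetical name): combined shorewall + route action for fail2ban.
# RUN is a hypothetical dry-run switch: RUN=echo prints the commands instead
# of executing them.
RUN=${RUN:-}

# Accept only a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1               # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# ban <ip>: drop inbound via shorewall, make the host unreachable outbound.
ban() {
    valid_ipv4 "$1" || { echo "refusing invalid address: $1" >&2; return 2; }
    # "ip route replace" succeeds whether or not the route already exists,
    # unlike "ip route add", which fails on a duplicate.
    $RUN shorewall drop "$1" && $RUN ip route replace unreachable "$1"
}

# unban <ip>: reverse both steps.
unban() {
    valid_ipv4 "$1" || { echo "refusing invalid address: $1" >&2; return 2; }
    $RUN shorewall allow "$1"
    # A route that is already gone is not an error when unbanning.
    $RUN ip route del unreachable "$1" 2>/dev/null || true
}

# Command-line entry point: f2b-block ban|unban <ip>
case ${1:-} in
    ban|unban) "$1" "${2:-}" ;;
esac
```

In an action file this would be wired in as "actionban = /usr/local/sbin/f2b-block ban <ip>" and "actionunban = /usr/local/sbin/f2b-block unban <ip>" (install path hypothetical).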