f2b role files #8
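--- /dev/null
+++ b/roles/fail2ban/files/recidive
@@ -0,0 +1,6 @@
+[recidive]
+enabled = true
+filter = recidive
+logpath = /var/log/fail2ban.log
+action = iptables-allports[name=recidive]
+         sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]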
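Review bot: The recidive jail sets no `bantime` of its own and so inherits `bantime = 604800` from `[DEFAULT]` in default.j2, which means a repeat offender caught here is banned for the same week as a first-time ssh ban and the jail adds no escalation; a longer jail-local `bantime` with a one-line comment stating the intended escalation would make the purpose clear. The second action line `sendmail-whois-lines[...]` appears flush left here, and fail2ban only treats it as a continuation of `action` when it is indented under the key, so this is worth checking in the file in case it is not just a rendering artifact. Its `logpath=/var/log/fail2ban.log` parameter also repeats the jail's `logpath` literally; `logpath=%(logpath)s`, as the stock `action_mwl` does, keeps the two from drifting.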
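--- /dev/null
+++ b/roles/fail2ban/files/ssh
@@ -0,0 +1,5 @@
+[ssh]
+enabled = true
+filter = sshd
+action = iptables[name=SSH, port=ssh, protocol=tcp]
+logpath = /var/log/auth.log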
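Review bot: `action = iptables[name=SSH, port=ssh, protocol=tcp]` replaces the `%(action_)s` chain selected in default.j2, so `banaction`, `destemail` and the `action_mw`/`action_mwl` variants defined there never apply to this jail, and the port is fixed to whatever `ssh` resolves to in /etc/services. If ban-only is the intent, dropping the `action` line and adding `port = ssh` lets the jail use the shared `[DEFAULT]` settings and keeps the port in one place should sshd move. Debian's fail2ban package also ships a jail.d file that enables its own `[sshd]` jail on the same log (verify on the target release); with this `[ssh]` jail added, each failed login on /var/log/auth.log would likely be processed and banned twice under different chain names.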
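--- /dev/null
+++ b/roles/fail2ban/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+# handlers file for fail2ban
+- name: reload fail2ban
+  service:
+    name: fail2ban
+    state: reloaded
+    enabled: yes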
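Review bot: `enabled: yes` inside the reload handler re-asserts boot enablement that the "Start service fail2ban" task in tasks/main.yml already manages with its own `enabled: yes`; limiting the handler to `state: reloaded` makes its effect obvious and leaves one place in charge of enablement. The unit is named `fail2ban` here but `fail2ban.service` in the start task; both resolve to the same unit, but one spelling in both files reads better.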
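--- /dev/null
+++ b/roles/fail2ban/tasks/main.yml
@@ -0,0 +1,39 @@
+---
+# tasks file for fail2ban
+- name: Instalação fail2ban
+  become: true
+  apt:
+    name:
+      - fail2ban
+    state: present
+    update_cache: yes
+    cache_valid_time: 86400
+    force_apt_get: yes
+
+- name: Apply fail2ban default config
+  become: true
+  template:
+    src: default.j2
+    dest: /etc/fail2ban/jail.d/00-default.conf
+    mode: 0644
+  notify:
+    - reload fail2ban
+
+- name: Copy fail2ban jails
+  become: true
+  copy:
+    src: '{{ item }}'
+    dest: /etc/fail2ban/jail.d/{{ item }}.conf
+    mode: 0644
+  with_items:
+    - recidive
+    - ssh
+  notify:
+    - reload fail2ban
+
+- name: Start service fail2ban, if not started
+  become: true
+  service:
+    name: fail2ban.service
+    state: started
+    enabled: yes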
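Review bot: `mode: 0644` on both the template task and the copy task is an unquoted octal literal; Ansible's YAML loader reads it as octal today, but a YAML 1.2 parser reads it as decimal 644 and ansible-lint flags the form, so `mode: '0644'` in both places is the safer spelling. The file also mixes boolean styles (`become: true` beside `update_cache: yes`, `force_apt_get: yes`, `enabled: yes`) and one Portuguese task name (`Instalação fail2ban`) among English ones; settling on one boolean form and one language keeps the play consistent. `with_items` still works, but `loop` is the current spelling and would match the rest of the module syntax used here.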
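--- /dev/null
+++ b/roles/fail2ban/templates/default.j2
@@ -0,0 +1,26 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+bantime = 604800 ; 1 week
+findtime = 86400 ; 1 day
+maxretry = 3
+backend = auto
+usedns = warn
+destemail = direccao@ansol.org
+sendername = Fail2Ban
+banaction = iptables-multiport
+mta = sendmail
+protocol = tcp
+chain = INPUT
+
+# The simplest action to take: ban only
+action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+
+# ban & send an e-mail with whois report to the destemail.
+action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+            %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sendername="%(sendername)s"]
+
+# ban & send an e-mail with whois report and relevant log lines to the destemail.
+action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+             %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
+
+action = %(action_)s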
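Review bot: `ignoreip = 127.0.0.1/8` whitelists only IPv4 loopback, so with `maxretry = 3` and `findtime = 86400` the host the play runs from, and any admin or monitoring hosts, can be banned by the ssh jail after three failed logins in a day and locked out for the full `bantime` week; since this file is already a Jinja template, rendering a role variable into `ignoreip` (for example `ignoreip = 127.0.0.1/8 ::1 {{ fail2ban_ignoreip }}`, with the control host's address supplied from inventory) avoids that self-lockout. `destemail` is a similar candidate for a variable instead of a literal baked into the template. The continuation lines under `action_mw` and `action_mwl` appear flush left here; fail2ban requires them indented beneath the key, which is probably a rendering artifact but worth confirming in the committed file.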