-
Notifications
You must be signed in to change notification settings - Fork 102
/
pillar.example
85 lines (73 loc) · 1.87 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
fail2ban:
lookup:
loglevel: ERROR
bantime: 600
maxretry: 3
backend: auto
# fail2ban.local
config:
# # FTP-style
# source_path: salt://path-to-fail2ban-file
# Template-style
loglevel: ERROR
logtarget: /var/log/fail2ban.log
# jail.local
jails:
# # FTP-style
# source_path: salt://path-to-jail-file
# Template-style
DEFAULT:
ignoreip: 127.0.0.1
bantime: 600
ssh:
action: iptables[name=SSH, port=ssh, protocol=tcp]
enabled: 'true'
filter: sshd
logpath: /var/log/auth.log
maxretry: 6
port: ssh
ignoreip: 127.0.0.1/8
ssh_ddos:
action: iptables[name=SSH, port=ssh, protocol=tcp]
enabled: 'true'
filter: sshd-ddos
logpath: /var/log/auth.log
maxretry: 6
port: ssh
ignoreip: 127.0.0.1/8
# action.d
actions:
# Template-style
csf-ip-deny:
# OPTIONAL, default true;
# if false, the action.d/csf-ip-deny.local action will be deleted
enabled: true
config:
Definition:
actionban: csf -d <ip> Added by Fail2Ban for <name>
actionunban: csf -dr <ip>
# yamllint disable rule:comments-indentation
# # FTP-style
# test-action:
# config:
# source_path: salt://path-to-action-file
# yamllint enable rule:comments-indentation
# filter.d
filters:
# Template-style
nginx-noscript:
# OPTIONAL, default true;
# if false, the filter.d/nginx-noscript.local will be deleted
enabled: true
config:
Definition:
failregex: <HOST>.*(GET|POST).*(\.php|\.asp|\.exe|\.pl|\.cgi|\.scgi).*
# yamllint disable rule:comments-indentation
# # FTP-style
# test-filter:
# config:
# source_path: salt://path-to-filter-file
# yamllint enable rule:comments-indentation