From 45b4cf7c6903fa6df348dd6c1026bbdffb086b50 Mon Sep 17 00:00:00 2001
From: Mario Fetka
Date: Sun, 8 Jan 2023 19:43:31 +0100
Subject: [PATCH] add fail2ban config files
---
README.md | 2 +-
fail2ban/action.d/mysticbbs.conf | 21 +++++++++++++++++++++
fail2ban/filter.d/mysticbbs.conf | 12 ++++++++++++
fail2ban/jail.d/mysticbbs.conf | 9 +++++++++
fail2ban/systemd/howto.txt | 1 +
fail2ban/systemd/override.conf | 4 ++++
6 files changed, 48 insertions(+), 1 deletion(-)
create mode 100644 fail2ban/action.d/mysticbbs.conf
create mode 100644 fail2ban/filter.d/mysticbbs.conf
create mode 100644 fail2ban/jail.d/mysticbbs.conf
create mode 100644 fail2ban/systemd/howto.txt
create mode 100644 fail2ban/systemd/override.conf
diff --git a/README.md b/README.md
index c4bec33..8d8e55a 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ Installscript / Systemd Files / Themes German&English bash -c "$(wget -qLO - https://gitea.disconnected-by-peer.at/geos_one/mystic/raw/branch/main/install.sh)" -#Thankyou +Thankyou https://vswitchzero.com/mystic-systemd/ for the initial systemd scripts for mis and mrc https://tteck.github.io/Proxmox/ for the layout of the install script and the cool error tracker.
diff --git a/fail2ban/action.d/mysticbbs.conf b/fail2ban/action.d/mysticbbs.conf
new file mode 100644
index 0000000..c48ee29
--- /dev/null
+++ b/fail2ban/action.d/mysticbbs.conf
@@ -0,0 +1,21 @@
+# Fail2Ban configuration file
+#
+# Author: Mario Fetka
+#
+#
+
+[Definition]
+
+actionstart = touch /var/run/fail2ban/fail2ban.mysticbbs
+
+actionstop = rm -f /var/run/fail2ban/fail2ban.mysticbbs
+
+actioncheck =
+
+actionban = grep -qxF '' @MYSTIC_DIR@/data/blacklist.txt || echo '' >> @MYSTIC_DIR@/data/blacklist.txt
+
+actionunban = sed -e '//d' -i @MYSTIC_DIR@/data/blacklist.txt
+
+[Init]
+
+init = Mystic BBS notifications
\ No newline at end of file
diff --git a/fail2ban/filter.d/mysticbbs.conf b/fail2ban/filter.d/mysticbbs.conf
new file mode 100644
index 0000000..3dce512
--- /dev/null
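Review bot: In fail2ban/action.d/mysticbbs.conf, `actionunban` deletes by an unanchored sed regex while `actionban` matches the whole line literally with `grep -qxF`, so the two commands do not agree on what counts as the same entry. The quoted arguments are empty as shown here; assuming fail2ban's `<ip>` tag stood there, unbanning one address would also delete every blacklist.txt line that merely contains it (a longer address sharing the same digits, for example), silently lifting bans that are still meant to be in force. Anchoring the pattern keeps the removal to the exact entry: `actionunban = sed -i -e '/^<ip>$/d' @MYSTIC_DIR@/data/blacklist.txt`. If the quotes really are empty in the committed file, both commands need the tag restored, since `sed '//d'` has no pattern to match against.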
+++ b/fail2ban/filter.d/mysticbbs.conf
@@ -0,0 +1,12 @@
+# Fail2Ban filter for Mystic BBS
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = mis
+
+failregex = ^%(__prefix_line)s.*(TELNET|SSH) .*Auto banning IP $
+ignoreregex =
diff --git a/fail2ban/jail.d/mysticbbs.conf b/fail2ban/jail.d/mysticbbs.conf
new file mode 100644
index 0000000..0685cf9
--- /dev/null
+++ b/fail2ban/jail.d/mysticbbs.conf
@@ -0,0 +1,9 @@
+[mysticbbs]
+enabled = true
+port = 23
+protocol = tcp
+filter = mysticbbs
+logpath = @MYSTIC_DIR@/logs/mis.log
+maxretry = 1
+action = iptables-ipset-proto6-allports
+ mysticbbs
diff --git a/fail2ban/systemd/howto.txt b/fail2ban/systemd/howto.txt
new file mode 100644
index 0000000..d833088
--- /dev/null
+++ b/fail2ban/systemd/howto.txt
@@ -0,0 +1 @@
+put into /etc/systemd/system/fail2ban.service.d/override.conf
\ No newline at end of file
diff --git a/fail2ban/systemd/override.conf b/fail2ban/systemd/override.conf
new file mode 100644
index 0000000..6bda286
--- /dev/null
+++ b/fail2ban/systemd/override.conf
@@ -0,0 +1,4 @@
+[Service]
+ExecStartPost=/usr/bin/sh -c "while ! [ -S /var/run/fail2ban/fail2ban.sock ]; do sleep 1; done"
+ExecStartPost=/usr/bin/chgrp fail2ban /var/run/fail2ban/fail2ban.sock
+ExecStartPost=/usr/bin/chmod g+w /var/run/fail2ban/fail2ban.sock
\ No newline at end of file
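Review bot: In fail2ban/filter.d/mysticbbs.conf, `failregex` contains two open `.*` runs, one between the prefix and `(TELNET|SSH)` and one before `Auto banning IP`, so any line that ends with that phrase and an address triggers a ban regardless of what precedes it. If mis.log ever records text supplied by the remote side on such a line (a login name or terminal string; the log format is not visible here), a crafted entry could get an unrelated address banned. I would replace each `.*` with the literal fields of the real mis.log line, check the result with `fail2ban-regex` against a sample log, and add a comment such as `# Matches only Mystic's own auto-ban line; keep the pattern tied to that exact layout.` As rendered, nothing stands between `IP` and `$`; the filter needs `<HOST>` there, which was presumably dropped by the page.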
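Review bot: In fail2ban/jail.d/mysticbbs.conf, the jail bans on a single log line (`maxretry = 1`) with an all-ports action but sets neither `bantime` nor `ignoreip`, so the ban length and any exemption for management addresses depend on whatever the host's global defaults happen to be. Because the block also covers SSH and other admin access from the banned address, I would pin both in this file, e.g. `bantime = <duration>` and `ignoreip = 127.0.0.1/8 ::1 <admin-network>` (placeholders to fill in). `port = 23` also reads as if only telnet were affected, while the filter matches SSH events too and the action name indicates all ports are blocked; a one-line comment saying so would avoid surprises.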
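Review bot: In fail2ban/systemd/override.conf, the `chgrp fail2ban` / `chmod g+w` pair opens the fail2ban control socket to every member of group `fail2ban`, and that socket accepts the daemon's full command set, not only ban and unban. Since the daemon normally runs as root and executes whatever actions it is configured with, membership of that group is effectively root-equivalent; the patch does not say who is meant to be in it (presumably the account Mystic runs under). I would record that in the file, `# Group fail2ban gets full control of the root-run daemon via this socket; keep membership to the Mystic service account only.`, and note in howto.txt that the group must exist before the unit starts. The wait loop in the first `ExecStartPost` has no bound of its own and relies on the unit's start timeout if the socket never appears.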