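# Action file that loads IPs from a text file and blocks them
# alongside fail2ban's own bans.
# The file contains one IP or subnet per line, and may be placed
# anywhere on the system.
#
# This is a perversion of fail2ban's basic purpose, which is to dynamically
# add/remove IPs from IPTables, but it allows us to permanently ban
# some really, really bad people
#
# example of file
# 172.104.94.112
# 190.40.235.20
# 190.4.51.122
# 210.186.135.78
# 39.45.148.0/24
#
# NOTE: blank lines and lines starting with '#' are skipped, and only the
# first whitespace-separated field of each line is used, so comments are
# allowed in the file.
#
# SECURITY: every entry in the file becomes an argument to an iptables
# command that fail2ban runs as root. Keep the file owned by root and not
# writable by anyone else, and review changes to it like firewall rules.
#
# Works on fail2ban v9

[INCLUDES]

before = iptables-common.conf

[Definition]

# what to do when fail2ban starts
# taken directly from the multiport ban script, with the last line
# inserted to load the IP file
# creates a chain, then loads all the IPs into it
#
# NOTE(review): the angle-bracket tags were missing from this copy of the
# file. <iptables>, <name>, <chain>, <protocol> and <returntype> are
# restored from the stock iptables actions; confirm against your
# iptables-common.conf.
# The tag naming the IP file could not be recovered.
# <PLACEHOLDER_blocklist_file> stands in for it: replace it with the tag
# you define under [Init] or pass in from the jail.
#
# The loop reads the file directly (no cat), uses read -r so backslashes
# are kept literally, and quotes "$IP" so an entry cannot be split into
# extra iptables arguments.
actionstart = <iptables> -N f2b-<name>
              <iptables> -A f2b-<name> -j <returntype>
              <iptables> -I <chain> -p <protocol> -j f2b-<name>
              while read -r IP REST; do case "$IP" in ""|"#"*) continue;; esac; <iptables> -I f2b-<name> 1 -s "$IP" -j DROP; done < <PLACEHOLDER_blocklist_file>

# these actions are taken when fail2ban is shut down
# basically, destroys the chain
actionstop = <iptables> -D <chain> -p <protocol> -j f2b-<name>
             <iptables> -F f2b-<name>
             <iptables> -X f2b-<name>

# Left empty on purpose: the list is static, so nothing is checked,
# banned or unbanned dynamically by this action.
actioncheck =

actionban =

actionunban =

[Init]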