content of debian-files/jail.d_defaults-debian.conf (banactions onl…

…y and systemd for sshd) moved to `paths-debian.conf`; remove default backend (systemd) - too dangerous for all jails, because it's hardly to find an error if some jail mistakenly start to monitor journal instead of logfile (even if it exists), but will silently find nothing; sshd jail disabled by default - user have to enable jails in jail.local or jail.d
fail2ban · Apr 25, 2024 · 85a4881 · 85a4881
1 parent e0e228a
commit 85a4881
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/config/paths-debian.conf b/config/paths-debian.conf
@@ -9,6 +9,11 @@ after  = paths-overrides.local
 
 [DEFAULT]
 
+banaction = nftables
+banaction_allports = nftables[type=allports]
+
+sshd_backend = systemd
+
 syslog_mail = /var/log/mail.log
 
 # control the `mail.warn` setting, see `/etc/rsyslog.d/50-default.conf` (if commented `mail.*` wins).

diff --git a/debian/debian-files/jail.d_defaults-debian.conf b/debian/debian-files/jail.d_defaults-debian.conf