ENH: add action.d/osx-afctl anonymously contributed on f2b wiki

fail2ban · Aug 31, 2013 · b31799a · yarikoptic · Sep 28, 2013 · yarikoptic
1 parent 7cc3e8a
commit b31799a
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 0 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -41,6 +41,8 @@ ver. 0.8.11 (2013/XX/XXX) - loves-unittests
      closes gh-343.
 
 - New Features:
+  Anonymous:
+   * action.d/osx-afctl - an action based on afctl for osx
   Daniel Black & ykimon
    * filter.d/3proxy.conf -- filter added
   Daniel Black

diff --git a/config/action.d/osx-afctl.conf b/config/action.d/osx-afctl.conf
@@ -0,0 +1,16 @@
+# Fail2Ban configuration file for using afctl on Mac OS X Server 10.5
+#
+# Anonymous author
+# http://www.fail2ban.org/wiki/index.php?title=HOWTO_Mac_OS_X_Server_(10.5)&diff=prev&oldid=4081
+#
+# Ref: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/afctl.8.html
+
+[Definition]
+actionstart = 
+actionstop = 
+actioncheck = 
+actionban = /usr/libexec/afctl -a <ip> -t <bantime>
+actionunban = /usr/libexec/afctl -r <ip>
+
+[Init]
+bantime = 2880
diff --git a/config/jail.conf b/config/jail.conf
@@ -416,3 +416,9 @@ filter = perdition
 action = iptables-multiport[name=perdition,port="110,143,993,995"]
 logpath = /var/log/maillog
 
+
+[osx-ssh-afctl]
+enabled = false
+filter = sshd
+action = osx-afctl[bantime=600]
+logpath = /var/log/secure.log