#
################################################
### Managed by someone's ansible provisioner ###
################################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2025 by someone <someone@somenet.org>
#

# fail2ban jail configuration. Everything under [DEFAULT] is inherited by
# each jail below unless that jail overrides the key itself.
[DEFAULT]
# Ban via nftables in "allports" mode: a banned host loses access to every
# port, not only the one belonging to the jail that banned it.
banaction  = nftables[type=allports]
# Never ban the machine's own addresses. This does NOT protect a remote
# admin network from being locked out by a few typos (5 failures in 8h,
# all ports) -- consider an explicit `ignoreip = ...` for trusted ranges.
ignoreself = true

# A host is banned once `maxretry` filter matches occur within `findtime`.
findtime   = 8h
maxretry   = 5

# Initial ban length. With bantime.increment enabled, every subsequent ban
# of the same host is longer than the previous one. No `bantime.maxtime`
# is set in this file, so the growth is bounded only by the daemon's
# default cap (if any) -- set one explicitly if unbounded bans are not
# intended.
bantime    = 15m
bantime.increment = true


# Escalation jail: a host that keeps retrying after it has already been
# banned gets a second, longer ban whose nftables rule silently drops
# traffic instead of answering it (the nftables action's default blocktype
# replies to each attempt; `drop` sends nothing back, so the box cannot be
# made to respond on a banned host's behalf).
# No `filter` is named, so fail2ban expects filter.d/repeated-offenders.conf
# (not shown here) to define which syslog lines count as a retry -- the
# `maxretry = 100` below is only meaningful relative to that filter, and the
# first-stage ban must actually produce matching lines in /var/log/syslog.
[repeated-offenders]
enabled    = true
# `chain` is given as a jail option rather than only inside banaction[...].
# This is most likely because jail.conf's action template appends its own
# chain="<jail chain>" argument to the banaction, which overrides a chain=
# written in the banaction brackets -- hence the "-ignored" placeholder in
# the active line. The previous single-line attempt is kept for reference:
#banaction  = nftables[type=allports, table=f2b-table-roff, chain=f2b-chain-roff, chain_priority=-2, blocktype="counter log prefix \"NFT:f2b-chain:DROP-banned; \" drop"]
chain=f2b-chain-roff
# NOTE: the nft `log` statement writes one kernel log line per dropped
# packet from a banned host; a persistent scanner can inflate the log
# considerably, so keep an eye on log volume (or rate-limit the logging).
banaction  = nftables[type=allports, chain=f2b-chain-roff-ignored, chain_priority=-2, blocktype=counter log prefix \"NFT:f2b-chain:DROP-banned\; \" drop]
logpath    = /var/log/syslog

# 100 filter matches within one day trigger the escalation ban.
findtime   = 1d
maxretry   = 100

# Escalation ban length; bantime.increment is inherited from [DEFAULT], so
# this also grows on each repeat.
bantime    = 1d


# SSH brute-force jail. No filter, logpath or port is set here, so those
# come from the distribution defaults (jail.conf / paths-*.conf and
# filter.d/sshd.conf); the allports banaction from [DEFAULT] means a hit
# here blocks the host on every port, not just SSH.
[sshd]
enabled    = true
# "extra" widens the stock sshd filter to additional failure patterns;
# see filter.d/sshd.conf for exactly which regexes each mode enables.
mode       = extra