diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2014-07-02 18:33:11 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:52:16 +0200 |
commit | aa6628dd67914c2849781cfb738c7389434c9608 (patch) | |
tree | fbef780f89b332a319ba73637b9bc2a368ec279b /roles/common/templates/etc | |
parent | 7a5cc5032b036f110a19b899cfc264065b473ed1 (diff) |
Whitelist our IPs against fail2ban.
This is important as we don't want the IMAP server baning the webmail,
for instance. (The fail2ban instance running next to the webmail should
ban the attacker, but that running next to the IMAP server shouldn't ban
legit users.)
Diffstat (limited to 'roles/common/templates/etc')
-rw-r--r-- | roles/common/templates/etc/fail2ban/jail.local.j2 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2 index 7c5bc0e..b76ffbc 100644 --- a/roles/common/templates/etc/fail2ban/jail.local.j2 +++ b/roles/common/templates/etc/fail2ban/jail.local.j2 @@ -13,6 +13,9 @@ chain = fail2ban # Choose default action. action = %(action_)s +# Don't ban ourselves. +ignoreip = 127.0.0.0/8 {{ groups.all | sort | join(' ') }} + # # JAILS # |