From a3be458262fdeeaae2acaf098e47ecabe62cad09 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 31 Oct 2013 05:21:01 +0100 Subject: Use a dedicated 'fail2ban' chain for fail2ban. So it doesn't mess with the high-priority rules regarding IPSec. --- roles/common/templates/etc/fail2ban/jail.local.j2 | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'roles/common/templates/etc/fail2ban') diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2 index 818ec88..1cbcd88 100644 --- a/roles/common/templates/etc/fail2ban/jail.local.j2 +++ b/roles/common/templates/etc/fail2ban/jail.local.j2 @@ -7,6 +7,10 @@ # jail.{conf,local} configuration files. destemail = admin@fripost.org +# Specify chain where jumps would need to be added in iptables-* actions +chain = fail2ban + +# Choose default action. action = %(action_)s # -- cgit v1.2.3