il faut configurer un peu plus la règle

2016-08-15 17:07:45 +02:00
parent 6c02c2200c
commit e7ef51ecbe
1 changed files with 5 additions and 1 deletions
--- a/base/activation-manuelle/service-fail2ban.nix
+++ b/base/activation-manuelle/service-fail2ban.nix
@@ -42,11 +42,15 @@ mkIf cfg.fail2ban {
          action   = route[blocktype=blackhole]
          maxretry = 3
        '';
+        ssh-mail-whois = ''
+          filter   = sshd
+          maxretry = 3
+          action   = mail-whois[dest=${destemail}]
+        '';
      };
    };
  };

  # https://github.com/NixOS/nixpkgs/issues/8437
  services.fail2ban.jails.ssh-iptables = "enabled = true";
-  services.fail2ban.jails.mail-whois-lines = "enabled = true";
 }