nixos-config/nixos-template-base
4
0
Fork 0
Code Issues 7 Pull Requests Releases Activity

il faut configurer un peu plus la règle

Browse Source
This commit is contained in:
Jean-Pierre PRUNARET
2016-08-15 17:07:45 +02:00
parent 6c02c2200c
commit e7ef51ecbe
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
base/activation-manuelle/service-fail2ban.nix
View File

@@ -42,11 +42,15 @@ mkIf cfg.fail2ban {
action = route[blocktype=blackhole] action = route[blocktype=blackhole]
maxretry = 3 maxretry = 3
''; '';
ssh-mail-whois = ''
filter = sshd
maxretry = 3
action = mail-whois[dest=${destemail}]
'';
}; };
}; };
}; };
# https://github.com/NixOS/nixpkgs/issues/8437 # https://github.com/NixOS/nixpkgs/issues/8437
services.fail2ban.jails.ssh-iptables = "enabled = true"; services.fail2ban.jails.ssh-iptables = "enabled = true";
services.fail2ban.jails.mail-whois-lines = "enabled = true";
} }