|
|
@ -16,10 +16,10 @@ EOF |
|
|
|
$OUT .= " -p $proto" if ($proto =~ m/^tcp|udp|icmp$/); |
|
|
|
$OUT .= " -p $proto" if ($proto =~ m/^tcp|udp|icmp$/); |
|
|
|
$OUT .= " -m multiport --dports $port" if ($proto =~ m/^tcp|udp$/ && $port =~ m/^\d+(,\d+)*$/); |
|
|
|
$OUT .= " -m multiport --dports $port" if ($proto =~ m/^tcp|udp$/ && $port =~ m/^\d+(,\d+)*$/); |
|
|
|
$OUT .= " -j denylog\n"; |
|
|
|
$OUT .= " -j denylog\n"; |
|
|
|
|
|
|
|
} |
|
|
|
$OUT .= " /sbin/iptables --append \$NEW_Fail2Ban" . |
|
|
|
$OUT .= " /sbin/iptables --append \$NEW_Fail2Ban" . |
|
|
|
" -j RETURN\n"; |
|
|
|
" -j RETURN\n"; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Having created a new Fail2Ban chain, activate it and destroy the old. |
|
|
|
# Having created a new Fail2Ban chain, activate it and destroy the old. |
|
|
|
$OUT .=<<'EOF'; |
|
|
|
$OUT .=<<'EOF'; |
|
|
|
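Review bot: The protocol checks guarding the `-p $proto` and `--dports $port` lines are not anchored the way they read: in `m/^tcp|udp|icmp$/` the alternation binds looser than `^` and `$`, so the pattern accepts any value that starts with `tcp`, contains `udp`, or ends with `icmp`, and that value is then interpolated into the generated iptables command line. Where `$proto` comes from is not visible in this hunk, but if it is read from a configuration record it should be validated strictly before it is written into a shell script; grouping the alternatives does that: `m/^(?:tcp|udp|icmp)\z/` and, on the multiport line, `m/^(?:tcp|udp)\z/ && $port =~ m/^\d+(?:,\d+)*\z/`. Using `\z` instead of `$` also rejects a value with a trailing newline. These lines appear to be carried through unchanged by this commit, and the enclosing loop starts above the hunk.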