Lines 3-20
Link Here
|
3 |
$cfg = { |
3 |
$cfg = { |
4 |
os => 'linux', # Target OS - either linux or bsd |
4 |
os => 'linux', # Target OS - either linux or bsd |
5 |
chain => 'blocksshd', # Name of iptables or pf chain |
5 |
chain => 'blocksshd', # Name of iptables or pf chain |
6 |
logfile => '/var/log/secure', # Log file to monitor |
6 |
logfile => '/var/log/messages', # Log file to monitor |
7 |
logcheck => '10', # How often to check the log file |
7 |
logcheck => '10', # How often to check the log file |
8 |
max_attempts => '4', # Max number of failures |
8 |
max_attempts => '4', # Max number of failures |
9 |
timeout => '360', # Reset IP count if no activity after time out in seconds |
9 |
timeout => '360', # Reset IP count if no activity after time out in seconds |
10 |
unblock => '1', # Enable unblocking |
10 |
unblock => '0', # Enable unblocking |
11 |
unblock_timeout => '43200', # Time in seconds after which to unblock a blocked IP address |
11 |
unblock_timeout => '43200', # Time in seconds after which to unblock a blocked IP address |
12 |
restore_blocked => '0', # Turn on checking for previously blocked IPs |
12 |
restore_blocked => '0', # Turn on checking for previously blocked IPs |
13 |
log_ips => '/usr/local/etc/blocksshd.list', # Log file for blocked IPs |
13 |
log_ips => '/etc/blocksshd/blocksshd.list', # Log file for blocked IPs |
14 |
pid_file => '/var/run/blocksshd.pid', # Location of PID file |
14 |
pid_file => '/var/run/blocksshd.pid', # Location of PID file |
15 |
send_email => '1', # Enable the sending of email notifications |
15 |
send_email => '0', # Enable the sending of email notifications |
16 |
email => 'root', # Email address to send notifications |
16 |
email => 'root', # Email address to send notifications |
17 |
mail => '/bin/mail', # Location of mail binary |
17 |
mail => '/bin/mail', # Location of mail binary |
18 |
iptables => '/sbin/iptables', # Location of iptables binary - only for Linux |
18 |
iptables => '/sbin/iptables', # Location of iptables binary - only for Linux |
19 |
pfctl => '/sbin/pfctl', # Location of pfctl binary - only for BSD |
19 |
pfctl => '/sbin/pfctl', # Location of pfctl binary - only for BSD |
20 |
whitelist => [qw{ |
20 |
whitelist => [qw{ |