Extend search period and ban time for trackpoint jail

openstreetmap · Jan 24, 2024 · 5fa9775 · 5fa9775
1 parent 0ceabfe
commit 5fa9775
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 0 deletions.
diff --git a/cookbooks/fail2ban/resources/jail.rb b/cookbooks/fail2ban/resources/jail.rb
@@ -26,6 +26,8 @@
 property :logpath, :kind_of => String
 property :protocol, :kind_of => String
 property :ports, :kind_of => Array, :default => []
+property :bantime, :kind_of => [Integer, String]
+property :findtime, :kind_of => [Integer, String]
 property :maxretry, :kind_of => Integer
 property :ignoreips, :kind_of => Array
 

diff --git a/cookbooks/fail2ban/templates/default/jail.erb b/cookbooks/fail2ban/templates/default/jail.erb
@@ -14,6 +14,12 @@ filter = <%= @filter %>
 <% if @logpath -%>
 logpath = <%= @logpath %>
 <% end -%>
+<% if @bantime -%>
+bantime = <%= @bantime %>
+<% end -%>
+<% if @findtime -%>
+findtime = <%= @findtime %>
+<% end -%>
 <% if @maxretry -%>
 maxretry = <%= @maxretry %>
 <% end -%>

diff --git a/cookbooks/web/recipes/frontend.rb b/cookbooks/web/recipes/frontend.rb
@@ -83,6 +83,8 @@
   filter "apache-trackpoints-timeout"
   logpath "/var/log/apache2/access.log"
   ports [80, 443]
+  bantime "12h"
+  findtime "30m"
 end
 
 fail2ban_filter "apache-notes-search" do