From 16bba8b4692ca6276ae8fec0f19f9c6fde8f22e0 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Mon, 31 Jul 2023 11:50:36 +0200 Subject: [PATCH] fail2ban: add variable fail2ban_sshd_port to configure sshd port --- CHANGELOG.md | 1 + fail2ban/defaults/main.yml | 1 + fail2ban/templates/jail.local.j2 | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b49d6af5..1c14450d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * dovecot: fix old_stats plugin for Dovecot 2.3. * evolinux: Install HPE Agentless Management Service (amsd) * fail2ban: add default variable fail2ban_dbpurgeage_default +* fail2ban: add variable fail2ban_sshd_port to configure sshd port * nagios-nrpe: add a NRPE check-local command with completion. * policy_pam: New role allowing to manage password policy with pam_pwquality & pam_pwhistory * userlogrotate: rotate also php.log. diff --git a/fail2ban/defaults/main.yml b/fail2ban/defaults/main.yml index 78862cb4..b4b3fda8 100644 --- a/fail2ban/defaults/main.yml +++ b/fail2ban/defaults/main.yml @@ -23,6 +23,7 @@ fail2ban_default_findtime: 10m fail2ban_default_action: "action_" fail2ban_sshd: True +fail2ban_sshd_port: "ssh,2222,22222" fail2ban_sshd_maxretry: 10 fail2ban_sshd_bantime: "{{ fail2ban_default_bantime }}" fail2ban_sshd_findtime: "{{ fail2ban_default_findtime }}" diff --git a/fail2ban/templates/jail.local.j2 b/fail2ban/templates/jail.local.j2 index 6713c92e..a1247f69 100644 --- a/fail2ban/templates/jail.local.j2 +++ b/fail2ban/templates/jail.local.j2 @@ -21,7 +21,7 @@ action = %({{ fail2ban_default_action }})s [sshd] enabled = {{ fail2ban_sshd }} -port = ssh,2222,22222 +port = {{ fail2ban_sshd_port }} maxretry = {{ fail2ban_sshd_maxretry }} findtime = {{ fail2ban_sshd_findtime }}