From 5f4f064694e4163653a9fe2e7f61ee7e5360ea7c Mon Sep 17 00:00:00 2001
From: pdiogoantunes <pdiogoantunes+gitit@evolix.fr>
Date: Wed, 31 May 2017 00:33:39 +0200
Subject: [PATCH] action

---
 HowtoFail2Ban.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/HowtoFail2Ban.md b/HowtoFail2Ban.md
index 0f347f22..8d07e0ca 100644
--- a/HowtoFail2Ban.md
+++ b/HowtoFail2Ban.md
@@ -202,6 +202,34 @@ $ fail2ban-regex auth.log /etc/fail2ban/filter.d/evolix-test.conf
 [...]
 ~~~
 
+## Actions
+
+Les actions se trouvent par défaut dans /etc/fail2ban/action.d/
+
+~~~
+# ls /etc/fail2ban/action.d/
+apf.conf           firewallcmd-ipset.conf   iptables.conf                        iptables-xt_recent-echo.conf  osx-ipfw.conf           sendmail-whois-lines.conf
+badips.conf        firewallcmd-new.conf     iptables-ipset-proto4.conf           mail-buffered.conf            pf.conf                 shorewall.conf
+blocklist_de.conf  hostsdeny.conf           iptables-ipset-proto6-allports.conf  mail.conf                     route.conf              ufw.conf
+bsd-ipfw.conf      ipfilter.conf            iptables-ipset-proto6.conf           mail-whois.conf               sendmail-buffered.conf
+complain.conf      ipfw.conf                iptables-multiport.conf              mail-whois-lines.conf         sendmail-common.conf
+dshield.conf       iptables-allports.conf   iptables-multiport-log.conf          mynetwatchman.conf            sendmail.conf
+dummy.conf         iptables-blocktype.conf  iptables-new.conf                    osx-afctl.conf                sendmail-whois.conf
+~~~
+
+Par défaut dans le jail.conf est définis l'action par défaut si non indiqué pour chaque jail (services) configurés :
+
+~~~
+banaction = iptables-multiport
+~~~
+
+Exemple pour jail ssh avec envoie de mail vers user@example.com :
+~~~
+action = iptables[name=ssh,port=22,protocol=tcp]
+         sendmail[name=ssh,dest=user@example.com]
+~~~
+
+
 ## Exemples
 
 ### Dovecot