forked from evolix/ansible-roles
fail2ban: change ips variables
This commit is contained in:
parent
7c92645c5c
commit
2077af2992
|
@ -12,5 +12,6 @@ Main variables are :
|
||||||
|
|
||||||
* `general_alert_email`: email address to send various alert messages (default: `root@localhost`).
|
* `general_alert_email`: email address to send various alert messages (default: `root@localhost`).
|
||||||
* `fail2ban_alert_email`: email address for messages sent to root (default: `general_alert_email`).
|
* `fail2ban_alert_email`: email address for messages sent to root (default: `general_alert_email`).
|
||||||
|
* `fail2ban_ignore_ips`: list of IPs to ignore (default: empty).
|
||||||
|
|
||||||
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
general_alert_email: "root@localhost"
|
general_alert_email: "root@localhost"
|
||||||
fail2ban_alert_email: Null
|
fail2ban_alert_email: Null
|
||||||
fail2ban_ignoreip: []
|
fail2ban_ignore_ips: []
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
|
|
||||||
# "ignoreip" can be an IP address, a CIDR mask or a DNS host
|
# "ignoreip" can be an IP address, a CIDR mask or a DNS host
|
||||||
ignoreip = {{ (['127.0.0.1/8'] + fail2ban_ignoreip) | join(' ') }}
|
ignoreip = {{ (['127.0.0.1/8'] + fail2ban_ignore_ips) | join(' ') }}
|
||||||
|
|
||||||
bantime = 600
|
bantime = 600
|
||||||
maxretry = 3
|
maxretry = 3
|
||||||
|
|
Loading…
Reference in a new issue