2024-07-16 15:06:08 +03:00
|
|
|
{ config, ... }:
|
2021-10-16 15:31:10 +03:00
|
|
|
{
|
|
|
|
services.fail2ban = {
|
|
|
|
enable = true;
|
2022-05-16 20:39:04 +03:00
|
|
|
banaction = "iptables-multiport[blocktype=DROP]";
|
2023-12-02 02:12:26 +02:00
|
|
|
jails.sshd.settings.mode = "aggressive";
|
2022-05-16 20:21:31 +03:00
|
|
|
ignoreIP = [
|
|
|
|
"10.0.0.0/8"
|
2024-07-16 15:06:08 +03:00
|
|
|
config.reflection.interfaces.primary.addr
|
2022-05-16 20:21:31 +03:00
|
|
|
];
|
2022-05-17 11:40:35 +03:00
|
|
|
bantime-increment = {
|
|
|
|
enable = true;
|
2022-05-18 02:22:35 +03:00
|
|
|
maxtime = "48h";
|
2022-05-17 11:40:35 +03:00
|
|
|
};
|
2021-10-16 15:31:10 +03:00
|
|
|
};
|
|
|
|
}
|