+

Last commit for README: 88dd061199329b26ace3bd1a7db583f85fc2f778

Add informations about JSON file content

Benjamin Renard [2014-12-31 15:14:24]
Add informations about JSON file content
Fail2ban action script to stock banned IP in a JSON file
========================================================

This script is design to be use as action script for fail2ban.

Installation
------------

 - Put action.d/jsonfile.conf in /etc/fail2ban/action.d
 - Put bin/fail2ban-jsonfile in /usr/local/bin/fail2ban-jsonfile

Configuration
-------------

Jail example :

  [myapp]
  enabled  = true
  filter   = myapp
  action   = jsonfile[jsonpath=/var/tmp/myapp-banned-ip.json]
  logpath  = /var/log/myapp.log

Parameters :

 - bin :
   Specify the path to fail2ban-jsonfile script
   Default : /usr/local/bin/fail2ban-jsonfile

 - jsonpath :
   The path of JSON file
   Default : /tmp/fail2ban-jsonfile.json

 - umask :
   Umask use on JSON file creation (Integer)
   Default : 0077

JSON file content
-----------------

On start, the file will be created with "{}" and the file will be removed on stop.

When some IP is ban, the file content will be updated like in the example :

The IP "1.2.3.4" is banned after 3 failures at 31/12/2014 16:07:40 :

{
  "1.2.3.4": {
    "failures": "3",         // Number of failures
    "time": "1420038460.98"  // UNIX timestamp ot the ban time
  }
}

On unban, the block corresponding to the IP address will be removed.
ViewGit