add jail.local

2024-03-20 17:37:54 -07:00 · 2024-03-20 17:37:54 -07:00 · 8c5b430922
commit 8c5b430922
parent 77dfd76ce2
1 changed files with 14 additions and 0 deletions
--- a/bootstrap.yml
+++ b/bootstrap.yml
@ -14,6 +14,20 @@
       name: fail2ban
       state: present

+   - name: enable sshd jail
+     copy:
+       dest: /etc/fail2ban/jail.local
+       content: |
+         [sshd]
+         enabled = true
+         port = ssh
+         filter = sshd
+         logpath = /var/log/auth.log
+         maxretry = 3
+         findtime = 300
+         bantime = 600
+         ignoreip = 127.0.0.1,169.231.0.0/16,128.111.0.0/16
+       
   - name: start fail2ban
     ansible.builtin.systemd_service:
       state: started