Gecko [ nrupathungauniversityblr.ac.in ]

Name	Size	Permission
abuseipdb.conf	3.79 KB	-rw-r--r--
apf.conf	587 B	-rw-r--r--
badips.conf	629 B	-rw-r--r--
badips.py	10.66 KB	-rw-r--r--
blocklist_de.conf	2.57 KB	-rw-r--r--
bsd-ipfw.conf	3.02 KB	-rw-r--r--
cloudflare.conf	2.66 KB	-rw-r--r--
complain.conf	4.56 KB	-rw-r--r--
dshield.conf	7.4 KB	-rw-r--r--
dummy.conf	1.59 KB	-rw-r--r--
firewallcmd-allports.conf	1.47 KB	-rw-r--r--
firewallcmd-common.conf	2.59 KB	-rw-r--r--
firewallcmd-ipset.conf	2.18 KB	-rw-r--r--
firewallcmd-multiport.conf	1.24 KB	-rw-r--r--
firewallcmd-new.conf	1.85 KB	-rw-r--r--
firewallcmd-rich-logging.conf	2.26 KB	-rw-r--r--
firewallcmd-rich-rules.conf	1.72 KB	-rw-r--r--
helpers-common.conf	589 B	-rw-r--r--
hostsdeny.conf	1.37 KB	-rw-r--r--
ipfilter.conf	1.45 KB	-rw-r--r--
ipfw.conf	1.38 KB	-rw-r--r--
iptables-allports.conf	1.39 KB	-rw-r--r--
iptables-common.conf	2.67 KB	-rw-r--r--
iptables-ipset-proto4.conf	1.95 KB	-rw-r--r--
iptables-ipset-proto6-allports...	2.15 KB	-rw-r--r--
iptables-ipset-proto6.conf	2.19 KB	-rw-r--r--
iptables-multiport-log.conf	2.03 KB	-rw-r--r--
iptables-multiport.conf	1.39 KB	-rw-r--r--
iptables-new.conf	1.46 KB	-rw-r--r--
iptables-xt_recent-echo.conf	2.52 KB	-rw-r--r--
iptables.conf	1.31 KB	-rw-r--r--
mail-buffered.conf	2.29 KB	-rw-r--r--
mail-whois-common.conf	1.02 KB	-rw-r--r--
mail-whois-lines.conf	2.3 KB	-rw-r--r--
mail-whois.conf	1.71 KB	-rw-r--r--
mail.conf	1.58 KB	-rw-r--r--
mynetwatchman.conf	5.11 KB	-rw-r--r--
netscaler.conf	1.46 KB	-rw-r--r--
nftables-allports.conf	490 B	-rw-r--r--
nftables-common.conf	3.94 KB	-rw-r--r--
nftables-multiport.conf	496 B	-rw-r--r--
nginx-block-map.conf	3.61 KB	-rw-r--r--
npf.conf	1.4 KB	-rw-r--r--
nsupdate.conf	3.07 KB	-rw-r--r--
osx-afctl.conf	469 B	-rw-r--r--
osx-ipfw.conf	2.16 KB	-rw-r--r--
pf.conf	3.58 KB	-rw-r--r--
route.conf	1023 B	-rw-r--r--
sendmail-buffered.conf	2.76 KB	-rw-r--r--
sendmail-common.conf	1.78 KB	-rw-r--r--
sendmail-geoip-lines.conf	1.73 KB	-rw-r--r--
sendmail-whois-ipjailmatches.c...	1.03 KB	-rw-r--r--
sendmail-whois-ipmatches.conf	1.01 KB	-rw-r--r--
sendmail-whois-lines.conf	1.27 KB	-rw-r--r--
sendmail-whois-matches.conf	997 B	-rw-r--r--
sendmail-whois.conf	977 B	-rw-r--r--
sendmail.conf	857 B	-rw-r--r--
shorewall-ipset-proto6.conf	2.91 KB	-rw-r--r--
shorewall.conf	2.02 KB	-rw-r--r--
smtp.py	5.99 KB	-rw-r--r--
symbiosis-blacklist-allports.c...	1.3 KB	-rw-r--r--
ufw.conf	1.02 KB	-rw-r--r--
xarf-login-attack.conf	5.94 KB	-rw-r--r--

Code Editor : nginx-block-map.conf

# Fail2Ban configuration file for black-listing via nginx
#
# Author: Serg G. Brester (aka sebres)
#
# To use 'nginx-block-map' action you should define some special blocks in your nginx configuration,
# and use it hereafter in your locations (to notify fail2ban by failure, resp. nginx by ban).
#
# Example (argument "token_id" resp. cookie "session_id" used here as unique identifier for user):
#
#   http {
#     ...
#     # maps to check user is blacklisted (banned in f2b):
#     #map $arg_token_id      $blck_lst_tok { include blacklisted-tokens.map; }
#     map  $cookie_session_id $blck_lst_ses { include blacklisted-sessions.map; }
#     ...
#     # special log-format to notify fail2ban about failures:
#     log_format f2b_session_errors '$msec failure "$cookie_session_id" - $remote_addr - $remote_user '
#      ;#                  '"$request" $status $bytes_sent '
#       #                  '"$http_referer" "$http_user_agent"';
#
#     # location checking blacklisted values:
#     location ... {
#       # check banned sessionid:
#       if ($blck_lst_ses != "") {
#         try_files "" @f2b-banned;
#       }
#       ...
#       # notify fail2ban about a failure inside nginx:
#       error_page 401 = @notify-f2b;
#       ...
#     }
#     ...
#     # location for return with "403 Forbidden" if banned:
#     location @f2b-banned {
#       default_type text/html;
#       return 403 "<br/><center>
#         <b style=\"color:red; font-size:18pt; border:2pt solid black; padding:5pt;\">
#         You are banned!</b></center>";
#     }
#     ...
#     # location to notify fail2ban about a failure inside nginx:
#     location @notify-f2b {
#       access_log /var/log/nginx/f2b-auth-errors.log f2b_session_errors;
#     }
#   }
#   ...
#
# Note that quote-character (and possibly other special characters) are not allowed currently as session-id.
# Thus please add any session-id validation rule in your locations (or in the corresponding backend-service), 
# like in example below:
#
#   location ... {
#     if ($cookie_session_id !~ "^[\w\-]+$") {
#       return  403 "Wrong session-id"
#     }
#     ...
#   }
#
# The parameters for jail corresponding log-format (f2b_session_errors):
#
#   [nginx-blck-lst]
#   filter =
#   datepattern = ^Epoch
#   failregex = ^ failure "<F-ID>[^"]+</F-ID>" - <ADDR>
#   usedns = no
#
# The same log-file can be used for IP-related jail (additionally to session-related, to ban very bad IPs):
#
#   [nginx-blck-ip]
#   maxretry = 100
#   filter =
#   datepattern = ^Epoch
#   failregex = ^ failure "[^"]+" - <ADDR>
#   usedns = no
#

[Definition]

# path to configuration of nginx (used to target nginx-instance in multi-instance system,
# and as path for the blacklisted map):
srv_cfg_path = /etc/nginx/

# cmd-line arguments to supply to test/reload nginx:
#srv_cmd = nginx -c %(srv_cfg_path)s/nginx.conf
srv_cmd = nginx

# first test configuration is correct, hereafter send reload signal:
blck_lst_reload = %(srv_cmd)s -qt; if [ $? -eq 0 ]; then
                    %(srv_cmd)s -s reload; if [ $? -ne 0 ]; then echo 'reload failed.'; fi;
                  fi;

# map-file for nginx, can be redefined using `action = nginx-block-map[blck_lst_file="/path/file.map"]`:
blck_lst_file = %(srv_cfg_path)s/blacklisted-sessions.map

# Action definition:

actionstart_on_demand = false
actionstart = touch '%(blck_lst_file)s'

actionflush = truncate -s 0 '%(blck_lst_file)s'; %(blck_lst_reload)s

actionstop = %(actionflush)s

actioncheck =

actionban = echo "\\\\<fid> 1;" >> '%(blck_lst_file)s'; %(blck_lst_reload)s

actionunban = id=$(echo "<fid>" | sed -e 's/[]\/$*.^|[]/\\&/g'); sed -i "/$id 1;/d" %(blck_lst_file)s; %(blck_lst_reload)s

${this.title}

Code Editor : nginx-block-map.conf