Puppet Class: fail2ban
- Defined in:
- manifests/init.pp
Overview
Class fail2ban. Install and configure the fail2ban service. The parameters to this class provide defaults for the entire system (via /etc/fail2ban/fail2ban.local) or defaults for all jails (via /etc/fail2ban/jail.local).
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'manifests/init.pp', line 34
class fail2ban (
String $package_name = 'fail2ban',
String $package_ensure = 'latest',
Optional[Array[Variant[IP::Address::NoSubnet, IP::Address::V4::CIDR, String]]] $ignoreip = undef,
Optional[Enum['CRITICAL', 'ERROR',
'WARNING', 'NOTICE',
'INFO', 'DEBUG']] $log_level = undef,
Optional[Variant[Stdlib::Absolutepath, Enum['STDOUT', 'STDERR',
'SYSLOG']]] $logtarget = undef,
Optional[String] $syslogsocket = undef,
Optional[String] $socket = undef,
Optional[Stdlib::Absolutepath] $pidfile = undef,
Optional[Variant[Enum[':memory:', 'None'],Stdlib::Absolutepath]] $dbfile = undef,
Optional[Integer] $dbpurgeage = undef,
Optional[Integer] $bantime = undef,
Optional[Integer] $findtime = undef,
Optional[Integer] $maxretry = undef,
Optional[Enum['pyinotify', 'gamin', 'polling', 'systemd', 'auto']] $backend = undef,
Optional[String] $destemail = undef,
Optional[String] $email_sender = undef,
Optional[String] $mta = undef,
String $chain = 'FAIL2BAN',
Optional[Enum['udp', 'tcp', 'icmp', 'all']] $protocol = undef,
Optional[String] $banaction = undef,
Optional[String] $action = undef,
Optional[Enum['yes', 'no', 'warn']] $usedns = undef,
Boolean $purge_jail_directory = true,
String $root_group = $::operatingsystem ? {
/(?i:FreeBSD|OpenBSD)/ => 'wheel',
default => 'root',
}
) {
contain ::fail2ban::install
contain ::fail2ban::config
contain ::fail2ban::service
Class['::fail2ban::install'] ->
Class['::fail2ban::config'] ~>
Class['::fail2ban::service']
}
|