From: Alexander Barton <alex@barton.de>
Date: Fri, 19 Apr 2024 21:28:34 +0000 (+0200)
Subject: Add am example filter file for "Fail2Ban"
X-Git-Tag: rel-27~5
X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=75ef4e14e0a3e08eec9ec454a2749711ccaa6c2e;p=ngircd.git

Add am example filter file for "Fail2Ban"
---

diff --git a/contrib/Debian/rules b/contrib/Debian/rules
index 25e27872..561f765c 100755
--- a/contrib/Debian/rules
+++ b/contrib/Debian/rules
@@ -53,6 +53,11 @@ execute_after_dh_auto_install:
 	 $(CURDIR)/contrib/ngircd.logcheck \
 	 $(CURDIR)/debian/ngircd/etc/logcheck/ignore.d.paranoid/ngircd
 
+#	Install the fail2ban configuration.
+	install -o root -g root -m 0644 -D \
+	 $(CURDIR)/contrib/ngircd-fail2ban.conf \
+	 $(CURDIR)/debian/ngircd/etc/fail2ban/filter.d/ngircd.conf
+
 #	Make lintian happy :-)
 	rm $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/COPYING
 	mv $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/ChangeLog \
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
index f2d99012..cd2eb05e 100644
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@@ -17,6 +17,7 @@ EXTRA_DIST = README.md \
 	Dockerfile \
 	ngindent.sh \
 	ngircd-bsd.sh \
+	ngircd-fail2ban.conf \
 	ngIRCd-Logo.gif \
 	ngircd-redhat.init \
 	ngircd.logcheck \
diff --git a/contrib/README.md b/contrib/README.md
index fdd46495..5ab57690 100644
--- a/contrib/README.md
+++ b/contrib/README.md
@@ -16,6 +16,8 @@ This `contrib/` directory contains the following sub-folders and files:
 
 - `ngircd-bsd.sh`: Start/stop script for FreeBSD.
 
+- `ngircd-fail2ban.conf`: fail2ban(1) filter configuration for ngIRCd.
+
 - `ngircd-redhat.init`: Start/stop script for old(er) RedHat-based
   distributions (like CentOS and Fedora), which did _not_ use systemd(8).
 
diff --git a/contrib/ngircd-fail2ban.conf b/contrib/ngircd-fail2ban.conf
new file mode 100644
index 00000000..c9903e0c
--- /dev/null
+++ b/contrib/ngircd-fail2ban.conf
@@ -0,0 +1,25 @@
+# Fail2ban filter for ngIRCd
+#
+# Put into /etc/fail2ban/filter.d/ngircd.conf and enable in your jail.local
+# configuration like this:
+#
+# [ngircd]
+# enabled = true
+# backend = systemd
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[DEFAULT]
+
+_daemon = ngircd
+
+[Definition]
+
+failregex = ^%(__prefix_line)sRefused connection from <ADDR> on socket \d+:
+
+[Init]
+
+journalmatch = _SYSTEMD_UNIT=ngircd.service + _COMM=ngircd