$(CURDIR)/contrib/ngircd.logcheck \
$(CURDIR)/debian/ngircd/etc/logcheck/ignore.d.paranoid/ngircd
+# Install the fail2ban configuration.
+ install -o root -g root -m 0644 -D \
+ $(CURDIR)/contrib/ngircd-fail2ban.conf \
+ $(CURDIR)/debian/ngircd/etc/fail2ban/filter.d/ngircd.conf
+
# Make lintian happy :-)
rm $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/COPYING
mv $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/ChangeLog \
Dockerfile \
ngindent.sh \
ngircd-bsd.sh \
+ ngircd-fail2ban.conf \
ngIRCd-Logo.gif \
ngircd-redhat.init \
ngircd.logcheck \
- `ngircd-bsd.sh`: Start/stop script for FreeBSD.
+- `ngircd-fail2ban.conf`: fail2ban(1) filter configuration for ngIRCd.
+
- `ngircd-redhat.init`: Start/stop script for old(er) RedHat-based
distributions (like CentOS and Fedora), which did _not_ use systemd(8).
--- /dev/null
+# Fail2ban filter for ngIRCd
+#
+# Put into /etc/fail2ban/filter.d/ngircd.conf and enable in your jail.local
+# configuration like this:
+#
+# [ngircd]
+# enabled = true
+# backend = systemd
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[DEFAULT]
+
+_daemon = ngircd
+
+[Definition]
+
+failregex = ^%(__prefix_line)sRefused connection from <ADDR> on socket \d+:
+
+[Init]
+
+journalmatch = _SYSTEMD_UNIT=ngircd.service + _COMM=ngircd
projects / ngircd.git / commitdiff