Defined Type: fail2ban::filter

Defined in:
manifests/filter.pp

Summary

Setup a filter for fail2ban

Overview

fail2ban/manifests/filter.pp

  • Copyright (C) 2014-2018 gabster@lelutin.ca

Filters are how fail2ban detects mischief in logs. They contain regular expressions that should catch bad activity and identify the IP that is doing this activity.

Parameters:

  • failregexes (Array[String, 1])

    List of regular expressions that will be run against new log lines as they reach fail2ban. The regular expressions follow the Python regular expression format, and there are some special patterns that fail2ban can use. See the jail.conf(5) man page for more details. Each item in the list is placed on its own line. Lines starting with the second one are prepended with spaces so that the regular expressions line up with the beginning of the first one.

  • ensure (Enum['present', 'absent']) (defaults to: 'present')

    Whether the resources should be installed or removed.

  • ignoreregexes (Array[String, 0]) (defaults to: [])

    List of Python regular expressions that should prevent a log line from being considered for banning. If a line matches regular expressions contained in this parameter, they are ignored even though they would have matched a failregex. Each item in the list is placed on its own line. Lines starting with the second one are prepended with spaces so that the regular expressions line up with the beginning of the first one.

  • includes (Array[String, 0]) (defaults to: [])

    List of files to include before considering the rest of the filter definition. These files can declare variables used by the filter to set default behaviours.

  • includes_after (Array[String, 0]) (defaults to: [])

    List of files to include after filter definition.

  • additional_defs (Array[String, 0]) (defaults to: [])

    List of arbitrary lines that should appear at the begining of the filter's definition section, for anything that didn't fit in other parameters. Each item in the list is output on its own line in the filter file. No syntax checking is done.



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# File 'manifests/filter.pp', line 42

define fail2ban::filter (
  Array[String, 1] $failregexes,
  Enum['present', 'absent'] $ensure = 'present',
  Array[String, 0] $ignoreregexes = [],
  Array[String, 0] $includes = [],
  Array[String, 0] $includes_after = [],
  Array[String, 0] $additional_defs = []
) {
  include fail2ban::config

  file { "/etc/fail2ban/filter.d/${name}.conf":
    ensure  => $ensure,
    content => template('fail2ban/filter.erb'),
    owner   => 'root',
    group   => 0,
    mode    => '0644',
    require => Class['fail2ban::config'],
    notify  => Class['fail2ban::service'],
  }

}