HEX
Server: Apache
System: Linux dinesh8149 5.15.98-grsec-sharedvalley-2.lc.el8.x86_64 #1 SMP Thu Mar 9 09:07:30 -03 2023 x86_64
User: usesambura1 (1212012)
PHP: 7.0.33
Disabled: apache_child_terminate,dl,escapeshellarg,escapeshellcmd,exec,link,mail,openlog,passthru,pcntl_alarm,pcntl_exec,pcntl_fork,pcntl_get_last_error,pcntl_getpriority,pcntl_setpriority,pcntl_signal,pcntl_signal_dispatch,pcntl_sigprocmask,pcntl_sigtimedwait,pcntl_sigwaitinfo,pcntl_strerror,pcntl_wait,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,php_check_syntax,php_strip_whitespace,popen,proc_close,proc_open,shell_exec,symlink,system
$ pwd: /etc/fail2ban/action.d/
Upload Files
File: //etc/fail2ban/action.d/firewallcmd-common.conf
#
# THIS FILE IS MANAGED BY PUPPET
#

# Fail2Ban configuration file
#
# Author: Donald Yandt
#

[Init]

# Option:  name
# Notes    Default name of the chain
# Values:  STRING
name = default

# Option   port
# Notes    Can also use port numbers separated by a comma and in rich-rules comma and/or space.
# Value    STRING Default: 1:65535
port = 1:65535

# Option:  protocol
# Notes    [ tcp | udp | icmp | all ]
# Values:  STRING Default: tcp
protocol = tcp

# Option:  family(ipv4)
# Notes    specifies the socket address family type
# Values:  STRING
family = ipv4

# Option:  chain
# Notes    specifies the firewalld chain to which the Fail2Ban rules should be
#          added
# Values:  STRING  Default: INPUT_direct
chain = INPUT_direct

# Option:  zone
# Notes    use command firewall-cmd --get-active-zones to see a list of all active zones. See firewalld man pages for more information on zones
# Values:  STRING  Default: public
zone = production

# Option:  service
# Notes    use command firewall-cmd --get-services to see a list of services available
#          Examples services: amanda-client amanda-k5-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns freeipa-ldap freeipa-ldaps
#          freeipa-replication ftp high-availability http https imaps ipp ipp-client ipsec iscsi-target kadmin kerberos
#          kpasswd ldap ldaps libvirt libvirt-tls mdns mosh mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s
#          postgresql privoxy proxy-dhcp puppetmaster radius rpc-bind rsyncd samba samba-client sane smtp squid ssh synergy
#          telnet tftp tftp-client tinc tor-socks transmission-client vdsm vnc-server wbem-https xmpp-bosh xmpp-client xmpp-local xmpp-server
# Values:  STRING Default: ssh
service = ssh

# Option:  rejecttype (ipv4)
# Notes    See iptables/firewalld man pages for ipv4 reject types.
# Values:  STRING
rejecttype = icmp-port-unreachable

# Option:  blocktype (ipv4/ipv6)
# Notes    See iptables/firewalld man pages for jump targets. Common values are REJECT,
#          REJECT --reject-with icmp-port-unreachable, DROP
# Values:  STRING
blocktype = REJECT --reject-with <rejecttype>

# Option:  rich-blocktype (ipv4/ipv6)
# Notes    See firewalld man pages for jump targets. Common values are reject,
#          reject type="icmp-port-unreachable", drop
# Values:  STRING
rich-blocktype = reject type='<rejecttype>'

[Init?family=inet6]

# Option:  family(ipv6)
# Notes    specifies the socket address family type
# Values:  STRING
family = ipv6

# Option:  rejecttype (ipv6)
# Note:    See iptables/firewalld man pages for ipv6 reject types.
# Values:  STRING
rejecttype = icmp6-port-unreachable
@ Telegram