{"id":13780884,"url":"https://github.com/sous-chefs/fail2ban","last_synced_at":"2025-09-19T04:32:20.292Z","repository":{"id":2725682,"uuid":"3720588","full_name":"sous-chefs/fail2ban","owner":"sous-chefs","description":"Development repository for the fail2ban cookbook","archived":false,"fork":false,"pushed_at":"2024-07-15T15:47:18.000Z","size":325,"stargazers_count":58,"open_issues_count":2,"forks_count":62,"subscribers_count":43,"default_branch":"main","last_synced_at":"2024-10-29T20:22:35.525Z","etag":null,"topics":["chef","chef-cookbook","chef-resource","fail2ban","hacktoberfest","managed-by-terraform"],"latest_commit_sha":null,"homepage":"https://supermarket.chef.io/cookbooks/fail2ban","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sous-chefs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"sous-chefs"}},"created_at":"2012-03-14T18:13:38.000Z","updated_at":"2024-07-15T15:47:20.000Z","dependencies_parsed_at":"2023-07-05T21:32:40.482Z","dependency_job_id":"7f402ae5-a8a2-462e-a97d-80191e644b18","html_url":"https://github.com/sous-chefs/fail2ban","commit_stats":{"total_commits":419,"total_committers":42,"mean_commits":9.976190476190476,"dds":0.7684964200477327,"last_synced_commit":"d82e66d546e6ad5ac078af49bbbfc8b76ecb1e88"},"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Ffail2ban","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Ffail2ban/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Ffail2ban/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Ffail2ban/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sous-chefs","download_url":"https://codeload.github.com/sous-chefs/fail2ban/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":233550363,"owners_count":18692832,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chef","chef-cookbook","chef-resource","fail2ban","hacktoberfest","managed-by-terraform"],"created_at":"2024-08-03T18:01:20.745Z","updated_at":"2025-09-19T04:32:20.275Z","avatar_url":"https://github.com/sous-chefs.png","language":"Ruby","funding_links":["https://opencollective.com/sous-chefs"],"categories":["Cookbooks"],"sub_categories":["Logging/Monitoring"],"readme":"# fail2ban Cookbook\n\n[![Cookbook Version](https://img.shields.io/cookbook/v/fail2ban.svg)](https://supermarket.chef.io/cookbooks/fail2ban)\n[![CI State](https://github.com/sous-chefs/fail2ban/workflows/ci/badge.svg)](https://github.com/sous-chefs/fail2ban/actions?query=workflow%3Aci)\n[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers)\n[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors)\n[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0)\n\nInstalls and configures `fail2ban`, a utility that watches logs for failed login attempts and blocks repeat offenders with firewall rules. On Redhat systems this cookbook will enable the EPEL repository in order to retrieve the fail2ban package.\n\n## Maintainers\n\nThis cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF).\n\n## Requirements\n\n### Platforms\n\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- Fedora\n- OpenSUSE\n\n### Chef\n\n- Chef 15.3+\n\n### Cookbooks\n\n- yum-epel\n\n## Recipes\n\n### default\n\nInstalls the fail2ban package, manages 2 templates: `/etc/fail2ban/fail2ban.conf` and `/etc/fail2ban/jail.conf`, and manages the fail2ban service.\n\n## Attributes\n\nThis cookbook has a set of configuration options for fail2ban\n\n- `default['fail2ban']['loglevel'] = 'INFO'`\n- `default['fail2ban']['logtarget'] = '/var/log/fail2ban.log'`\n- `default['fail2ban']['syslogsocket'] = 'auto'`\n- `default['fail2ban']['socket'] = '/var/run/fail2ban/fail2ban.sock'`\n- `default['fail2ban']['pidfile'] = '/var/run/fail2ban/fail2ban.pid'`\n- `default['fail2ban']['dbfile'] = '/var/lib/fail2ban/fail2ban.sqlite3'`\n- `default['fail2ban']['dbpurgeage'] = 86_400`\n\nThis cookbook has a set of configuration options for jail.conf\n\n- `default['fail2ban']['ignoreip'] = '127.0.0.1/8'`\n- `default['fail2ban']['findtime'] = 600`\n- `default['fail2ban']['bantime'] = 300`\n- `default['fail2ban']['maxretry'] = 5`\n- `default['fail2ban']['backend'] = 'polling'`\n- `default['fail2ban']['email'] = 'root@localhost'`\n- `default['fail2ban']['sendername'] = 'Fail2Ban'`\n- `default['fail2ban']['action'] = 'action_'`\n- `default['fail2ban']['banaction'] = 'iptables-multiport'`\n- `default['fail2ban']['mta'] = 'sendmail'`\n- `default['fail2ban']['protocol'] = 'tcp'`\n- `default['fail2ban']['chain'] = 'INPUT'`\n\nThis cookbook makes use of a hash to compile the jail.local-file and filter config files:\n\n```ruby\ndefault['fail2ban']['services'] = {\n  'ssh' =\u003e {\n        \"enabled\" =\u003e \"true\",\n        \"port\" =\u003e \"ssh\",\n        \"filter\" =\u003e \"sshd\",\n        \"logpath\" =\u003e node['fail2ban']['auth_log'],\n        \"maxretry\" =\u003e \"6\"\n     },\n  'smtp' =\u003e {\n        \"enabled\" =\u003e \"true\",\n        \"port\" =\u003e \"smtp\",\n        \"filter\" =\u003e \"smtp\",\n        \"logpath\" =\u003e node['fail2ban']['auth_log'],\n        \"maxretry\" =\u003e \"6\"\n     }\n}\n```\n\nThe following attributes can be used per service:\n\n- backend\n- banaction\n- bantime\n- enabled\n- filter\n- findtime\n- ignorecommand\n- logpath\n- maxretry\n- port\n- protocol\n\nCreating custom fail2ban filters:\n\n```ruby\ndefault['fail2ban']['filters'] = {\n  'nginx-proxy' =\u003e {\n        \"failregex\" =\u003e [\"^\u003cHOST\u003e -.*GET http.*\"],\n        \"ignoreregex\" =\u003e []\n     },\n}\n```\n\nIn the case you would like to get Slack notifications on IP addresses banned/unbanned, this cookbook supports it by setting the following attributes:\n\n```ruby\n# A Slack webhook looks like this:\n# https://hooks.slack.com/services/A123BCD4E/FG5HI6KLM/7n8opqrsT9UVWxyZ0AbCdefG\ndefault['fail2ban']['slack_webhook'] = nil\n# Then setting the Slack channel name without the hashtag (#)\ndefault['fail2ban']['slack_channel'] = 'general'\n```\n\nThen you will get notifications like this:\n\n\u003e [hostname] Banned 🇳🇬 217.117.13.12 in the jail sshd after 5 attempts\n\n## Resources\n\n### fail2ban_filter\n\nManages fail2ban filters in `/etc/fail2ban/filters.d/`.\n\n#### Actions\n\n- `create` - Default. Creates a fail2ban filter.\n- `delete` - Deletes a fail2ban filter.\n\n#### Properties\n\n- `filter` - Specifies the name of the filter. This is the name property.\n- `source` - Specifies the template source. By default, this is set to `filter.erb`.\n- `cookbook` - Specifies the template cookbook. By default, this is set to `fail2ban`.\n- `failregex` - Specifies one or multiple regular expressions matching the failure.\n- `ignoreregex` - Specifies one or multiple regular expressions to ignore.\n\n#### Examples\n\nConfigure a file for webmin authentication with multiple regular expressions matching the failure.\n\n```ruby\nfail2ban_filter 'webmin-auth' do\n  failregex [\"^%(__prefix_line)sNon-existent login as .+ from \u003cHOST\u003e\\s*$\",\n             \"^%(__prefix_line)sInvalid login as .+ from \u003cHOST\u003e\\s*$\"]\nend\n```\n\n### fail2ban_jail\n\nManages fail2ban jails in `/etc/fail2ban/jail.d/`.\n\n#### Actions\n\n- `create` - Default. Creates a fail2ban jail.\n- `delete` - Deletes a fail2ban jail.\n\n#### Properties\n\n- `jail` - Specifies the jail name. This is the name property.\n- `source` - Specifies the template source. By default, this is set to `jail.erb`.\n- `cookbook` - Specifies the template cookbook. By default, this is set to `fail2ban`.\n- `filter` - Specifies the name of the filter to be used by the jail to detect matches.\n- `logpath` - Specifies the path to the log file which is provided to the filter.\n- `protocol` - Specifies the protocol type, e.g. tcp, udp or all.\n- `ports` - Specifies an array of port(s) to watch.\n- `maxretry` - Specifies the number of matches which triggers ban action.\n- `ignoreips` - Specifies an array of IP addresses to ignore.\n\n#### Examples\n\nCreate a new fail2ban jail for SSH that uses existing filter `sshd` and which bans client after 3 tries.\n\n```ruby\nfail2ban_jail 'ssh' do\n  ports %w(ssh)\n  filter 'sshd'\n  logpath node['fail2ban']['auth_log']\n  maxretry 3\nend\n```\n\n## Issues related to rsyslog\n\nIf you are using rsyslog parameter \"$RepeatedMsgReduction on\" in rsyslog.conf file\nthen you can get \"Last message repeated N times\" in system log file (for example auth.log).\nFail2ban will not work because the internal counter maxretry will not expand the repeated messages.\nChange parameter \"$RepeatedMsgReduction off\" in rsyslog.conf file for maximum accuracy of failed login attempts.\n\nThis rsyslog parameter is default ON for ubuntu 12.04 LTS for example.\n\n## Contributors\n\nThis project exists thanks to all the people who contribute.\n\n### Backers\n\nThank you to all our backers!\n\n![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600\u0026avatarHeight=40)\n\n### Sponsors\n\nSupport this project by becoming a sponsor. Your logo will show up here with a link to your website.\n\n![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Ffail2ban","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsous-chefs%2Ffail2ban","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Ffail2ban/lists"}