diff --git a/hosts/architect/fail2ban.nix b/hosts/architect/fail2ban.nix
index 540a1e0..2dfa35c 100644
--- a/hosts/architect/fail2ban.nix
+++ b/hosts/architect/fail2ban.nix
@@ -3,23 +3,7 @@
 enable = true;
 package = pkgs.fail2ban;
 packageFirewall = pkgs.nftables;
- banaction = "nftables-multiport";
- banaction-allports = "nftables-allport";
 bantime-increment.enable = true;
- # ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
- daemonConfig = ''
- [Definition]
- loglevel = INFO
- logtarget = SYSLOG
- socket = /run/fail2ban/fail2ban.sock
- pidfile = /run/fail2ban/fail2ban.pid
- dbfile = /var/lib/fail2ban/fail2ban.sqlite3
- '';
- jails = {
- sshd = ''
- maxretry = 3
- mode = aggressive
- '';
- };
+ ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
 };
 }
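Review bot: Removing the `jails.sshd` override drops `mode = aggressive`, so the sshd jail presumably falls back to the NixOS module default and its normal-mode filter, which matches fewer failure patterns (for example pre-auth disconnects); if that loss is not intended, keep the `mode = aggressive` line in the `sshd` jail. The removed `banaction` and `banaction-allports` lines now also depend on module defaults, which as far as I know select the nftables actions only when `networking.nftables.enable` is set, so it is worth confirming that bans still land in nftables given that `packageFirewall = pkgs.nftables;` stays. The newly active `ignoreIP` exempts every host in both /24 ranges from banning, so a compromised internal machine could retry SSH logins without ever being blocked. I would narrow the list to the specific management addresses where possible and add a comment above it such as `# <what these ranges are>; hosts listed here are never banned`. The enclosing attribute set opens before the hunk, so other fail2ban settings may exist that are not visible here.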