[freeswitch-udp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 5
findtime = 600
bantime  = 600
#          sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed

[freeswitch-tcp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 5
findtime = 600
bantime  = 600
#          sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed

#[freeswitch-ip-tcp]
#enabled  = true
#port     = 5060,5061,5080,5081
#protocol = all
#filter   = freeswitch-ip
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
#action   = iptables-multiport[name=freeswitch-ip-tcp, port="5060,5061,5080,5081", protocol=tcp]
#maxretry = 1
#findtime = 30
#bantime  = 86400

#[freeswitch-ip-udp]
#enabled  = true
#port     = 5060,5061,5080,5081
#protocol = all
#filter   = freeswitch-ip
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
#action   = iptables-multiport[name=freeswitch-ip-udp, port="5060,5061,5080,5081", protocol=udp]
#maxretry = 1
#findtime = 30
#bantime  = 86400

[freeswitch-dos-udp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-dos
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-multiport[name=freeswitch-dos-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 50
findtime = 30
bantime  = 6000

[freeswitch-dos-tcp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-dos
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-multiport[name=freeswitch-dos-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 50
findtime = 30
bantime  = 6000

[freeswitch-404]
enabled  = true
port     = 5060,5061,5080,5081
protocol = all
filter   = freeswitch-404
#logpath  = /var/log/freeswitch/freeswitch.log
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-allports[name=freeswitch-404, protocol=all]
maxretry = 3
findtime = 300
bantime  = 86400

[fusionpbx]
enabled  = true
port     = 80,443
protocol = tcp
filter   = fusionpbx
logpath  = /var/log/auth.log
action   = iptables-multiport[name=fusionpbx, port="http,https", protocol=tcp]
#          sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 10
findtime = 600
bantime  = 600

[nginx-404]
enabled  = true
port     = 80,443
protocol = tcp
filter   = nginx-404
logpath  = /var/log/nginx/access*.log
bantime  = 600
findtime = 60
maxretry = 120

[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 240 pages in 60 seconds, or 4p/s average, is suspicious)
# Block for two full days.
enabled  = true
port     = 80,443
protocol = tcp
filter   = nginx-dos
logpath  = /var/log/nginx/access*.log
findtime = 60
bantime  = 172800
maxretry = 240