ipset-fail2ban.conf

# List of fail2ban jails to scan for banned IP addresses.
JAILS=(
    "sshd"
    "nginx-http-auth"
    # "sshd-ddos"
    # "my-custom-jail"
)

# Banned IP addresses found in jails will be written to BLACKLIST_FILE. If the
# file already exists, IPs will be read from it and included in the list of
# banned IPs being processed. Duplicate IPs will be automatically pruned.
BLACKLIST_FILE="/etc/ipset-fail2ban/ipset-fail2ban.list"

# Name of ipset blacklist to use. Set this so it does not conflict with existing
# ipset blacklists. Use "ipset list -n" to list existing ipset lists.
IPSET_BLACKLIST="blacklist-fail2ban"

# Temporary ipset blacklist used for building new blacklist.
IPSET_TMP_BLACKLIST="${IPSET_BLACKLIST}-tmp"

# Automatically generated file containing rules used to update ipset blacklist.
IPSET_RESTORE_FILE="/etc/ipset-fail2ban/ipset-fail2ban.restore"

# Add comments in BLACKLIST_FILE to log which jail each IP address came from.
LOG_JAILS=false

# Remove all banned IP addresses from each jail specified in JAILS. It should be
# safe to set this to true as long as BLACKLIST_FILE is written to each time and
# saved. For jails with a large number of banned IPs, this can take a while the
# first time it is used.
CLEANUP=false

# If QUIET=true, standard messages will not be displayed, and only error
# messages will be sent to STDERR.
QUIET=false

# Increase this value and delete the existing blacklist if you get a 
# "blacklist is full" error. 
MAXELEM=65536

# Must be a power of 2. Increase as you increase MAXELEM to avoid clashes.
HASHSIZE=16384

# Position of iptables rule created for ipset blacklist. Default is 1.
IPTABLES_IPSET_POSITION=1

# Add rule to DOCKER-USER Chain to block for Docker containers too
DOCKER_USER_CHAIN=false