-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathexample.nginx-instaban.conf
executable file
·23 lines (22 loc) · 1.14 KB
/
example.nginx-instaban.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
nginxLogReaders = (
{
nginxLogPath = "/var/log/nginx/error.log"; #path the to error log file
banTime = 20; #20 seconds
chainName = "nginx-instaban"; #name of the chain in iptables -L
valuableBitCount = 21; #number of bits of ip address which is used as an offset inside
#hashtable structure. The higher the value the larger hashtable
#structure is. 20bit = 4mb, 21bit = 8 mb, 22bit = 16 mb...
}
# ,
# {
# nginxLogPath = "/var/log/nginx/access.log";
# banTime = "20";
# chainName = "nginx-instaban";
# }
# ...
);
commands: {
chainAddCmd = "iptables -N %s && iptables -t filter -A INPUT -j %s"; # %%s => chainName, chainName
banCmd = "iptables -A %s -s %s -p tcp --destination-port 80 -j DROP"; # %%s => chainName, host
unbanCmd = "iptables -D %s -s %s -p tcp --destination-port 80 -j DROP"; # %%s => chainName, host
}