On 30/04/2021 10:18, Dominic Raferd wrote:
On 30/04/2021 08:38, Nick Howitt wrote:
Hi,
Can I define and use my own variable in the jail.local file? My use
case is to programmatically whitelist the local LAN in a package for
all users of ClearOS (like Centos7). It would be something I'd like to
be able to toggle on an off subject to the user preferences and I'd
want something like this in jail.conf:
lan_subnets = 10.8.0.0/24
ignoreip = <lan_subnets> 1.2.3.4, 9.8.7.6 etc.
or
ignoreip = %(lan_subnets)s 1.2.3.4 9.8.7.6 etc.
In this way I can programmatically maintain lan_subnets even if they
change. I could not do this if I had a line:
ignoreip = 192.168.0.0/24, 1.2.3.4, 9.8.7.6
because if the user were to change LAN subnets to say 172.16.0.0/24 I
could not know for sure if the initial 192.168.0.0/24 was user added
or was system added.
yes you can do this in the [DEFAULT] section, the second example syntax
is the correct one.
Thanks, Nick
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
