Documentation

v2.19
latest v2.20 v2.19 v2.18 v2.17 v2.16 v2.15 v2.14 v2.12 v2.11 v2.10 v2.9 v2.8 v2.7 v2.6 v2.5 v2.4 v2.3 v2.2 v2.1 v2.0 v1.10 v1.9 v1.8 v1.7 v1.6 v1.5 v1.4 v1.3 v1.2 v1.1 v1.0
      Edit on GitHub

      PLEASE NOTE: This document applies to v2.19 version and not to the latest stable release v2.20

      Documentation for other releases can be found by using the version selector in the top right of any doc page.

      fail2ban

      Manage Fail2ban intrusion prevention system.

      Attributes

      check_mode:
  support: full

      Parameters

      Parameter Required Type Values Description
      action   string   Action to take on ban (e.g., %(action_)s, %(action_mwl)s).
      bantime   integer   Ban duration in seconds. [default: 600]
      enabled   boolean   Whether the jail should be enabled or disabled. [default: true]
      filter   string   Filter name to use for this jail.
      findtime   integer   Time window in seconds for counting retries. [default: 600]
      logpath   string   Log file path to monitor.
      maxretry   integer   Maximum number of retries before ban. [default: 5]
      name true string   Jail name (required).
      port   string   Port(s) to protect (e.g., ssh, http, https, or 22, 80, 443).
      state   string present
      absent      		 Whether the jail should be present or absent. [default: present]

      Examples

      - name: Create SSH jail
  fail2ban:
    name: sshd
    state: present
    enabled: true
    port: ssh
    filter: sshd
    logpath: /var/log/auth.log
    maxretry: 5
    findtime: 600
    bantime: 3600

- name: Create nginx HTTP auth jail
  fail2ban:
    name: nginx-http-auth
    state: present
    enabled: true
    port: http,https
    filter: nginx-http-auth
    logpath: /var/log/nginx/error.log
    maxretry: 3

- name: Disable a jail
  fail2ban:
    name: sshd
    enabled: false

- name: Remove a jail
  fail2ban:
    name: sshd
    state: absent