REFERENCE.md

Reference

Table of Contents

Classes

• fail2ban: == Class: fail2ban
• fail2ban::config: == Class: fail2ban::config
• fail2ban::install: == Class: fail2ban::install
• fail2ban::service: == Class: fail2ban::service

Defined types

• fail2ban::define: == Define: fail2ban::define
• fail2ban::jail: == Define: fail2ban::jail

Classes

fail2ban

== Class: fail2ban

Parameters

The following parameters are available in the fail2ban class:

• config_file_before
• package_ensure
• package_name
• package_list
• config_dir_path
• config_dir_filter_path
• config_dir_purge
• config_dir_recurse
• config_dir_source
• config_file_path
• config_file_owner
• config_file_group
• config_file_mode
• config_file_source
• config_file_string
• config_file_template
• config_file_notify
• config_file_require
• config_file_hash
• config_file_options_hash
• manage_defaults
• manage_firewalld
• service_ensure
• service_name
• service_enable
• action
• bantime
• email
• sender
• iptables_chain
• jails
• maxretry
• default_backend
• whitelist
• custom_jails
• banaction
• sendmail_config
• sendmail_actions

config_file_before

Data type: String[1]

package_ensure

Data type: Enum['absent', 'latest', 'present', 'purged']

Default value: 'present'

package_name

Data type: String[1]

Default value: 'fail2ban'

package_list

Data type: Optional[Array[String]]

Default value: undef

config_dir_path

Data type: Stdlib::Absolutepath

Default value: '/etc/fail2ban'

config_dir_filter_path

Data type: Stdlib::Absolutepath

Default value: '/etc/fail2ban/filter.d'

config_dir_purge

Data type: Boolean

Default value: false

config_dir_recurse

Data type: Boolean

Default value: true

config_dir_source

Data type: Optional[String]

Default value: undef

config_file_path

Data type: Stdlib::Absolutepath

Default value: '/etc/fail2ban/jail.conf'

config_file_owner

Data type: String[1]

Default value: 'root'

config_file_group

Data type: String[1]

Default value: 'root'

config_file_mode

Data type: String[1]

Default value: '0644'

config_file_source

Data type: Optional[String[1]]

Default value: undef

config_file_string

Data type: Optional[String[1]]

Default value: undef

config_file_template

Data type: Optional[String[1]]

Default value: undef

config_file_notify

Data type: String[1]

Default value: 'Service[fail2ban]'

config_file_require

Data type: String[1]

Default value: 'Package[fail2ban]'

config_file_hash

Data type: Hash[String[1], Any]

Default value: {}

config_file_options_hash

Data type: Hash

Default value: {}

manage_defaults

Data type: Enum['absent', 'present']

Default value: 'absent'

manage_firewalld

Data type: Enum['absent', 'present']

Default value: 'absent'

service_ensure

Data type: Enum['running', 'stopped']

Default value: 'running'

service_name

Data type: String[1]

Default value: 'fail2ban'

service_enable

Data type: Boolean

Default value: true

action

Data type: String[1]

Default value: 'action_mb'

bantime

Data type: Variant[Integer[0], String[1]]

Default value: 432000

email

Data type: String[1]

Default value: "fail2ban@${facts['networking']['domain']}"

sender

Data type: String[1]

Default value: "fail2ban@${facts['networking']['fqdn']}"

iptables_chain

Data type: String[1]

Default value: 'INPUT'

jails

Data type: Array[String[1]]

Default value: ['ssh', 'ssh-ddos']

maxretry

Data type: Integer[0]

Default value: 3

default_backend

Data type: Enum['pyinotify', 'gamin', 'polling', 'systemd', 'auto']

Default value: 'auto'

whitelist

Data type: Array

Default value: ['127.0.0.1/8', '192.168.56.0/24']

custom_jails

Data type: Hash[String, Hash]

Default value: {}

banaction

Data type: String[1]

Default value: 'iptables-multiport'

sendmail_config

Data type: Hash

Default value: {}

sendmail_actions

Data type: Hash

Default value: {}

fail2ban::config

== Class: fail2ban::config

fail2ban::install

== Class: fail2ban::install

fail2ban::service

== Class: fail2ban::service

Defined types

fail2ban::define

== Define: fail2ban::define

Parameters

The following parameters are available in the fail2ban::define defined type:

• config_file_path
• config_file_owner
• config_file_group
• config_file_mode
• config_file_source
• config_file_string
• config_file_template
• config_file_notify
• config_file_require
• config_file_options_hash

config_file_path

Data type: Stdlib::Absolutepath

Default value: "${fail2ban::config_dir_path}/${title}"

config_file_owner

Data type: String

Default value: $fail2ban::config_file_owner

config_file_group

Data type: String

Default value: $fail2ban::config_file_group

config_file_mode

Data type: String

Default value: $fail2ban::config_file_mode

config_file_source

Data type: Optional[String]

Default value: undef

config_file_string

Data type: Optional[String]

Default value: undef

config_file_template

Data type: Optional[String]

Default value: undef

config_file_notify

Data type: String

Default value: $fail2ban::config_file_notify

config_file_require

Data type: String

Default value: $fail2ban::config_file_require

config_file_options_hash

Data type: Hash

Default value: $fail2ban::config_file_options_hash

fail2ban::jail

== Define: fail2ban::jail

Parameters

The following parameters are available in the fail2ban::jail defined type:

• filter_includes
• filter_failregex
• filter_ignoreregex
• filter_maxlines
• filter_datepattern
• filter_additional_config
• enabled
• action
• filter
• logpath
• maxretry
• findtime
• bantime
• port
• backend
• journalmatch
• ignoreip
• config_dir_filter_path
• config_file_owner
• config_file_group
• config_file_mode
• config_file_source
• config_file_notify
• config_file_require

filter_includes

Data type: Optional[String]

Default value: undef

filter_failregex

Data type: Optional[String]

Default value: undef

filter_ignoreregex

Data type: Optional[String]

Default value: undef

filter_maxlines

Data type: Optional[Integer]

Default value: undef

filter_datepattern

Data type: Optional[String]

Default value: undef

filter_additional_config

Data type: Any

Default value: undef

enabled

Data type: Boolean

Default value: true

action

Data type: Optional[String]

Default value: undef

filter

Data type: String

Default value: $title

logpath

Data type: Optional[String[1]]

Default value: undef

maxretry

Data type: Integer

Default value: $fail2ban::maxretry

findtime

Data type: Optional[Integer]

Default value: undef

bantime

Data type: Integer

Default value: $fail2ban::bantime

port

Data type: Optional[String]

Default value: undef

backend

Data type: Optional[String]

Default value: undef

journalmatch

Data type: Optional[String[1]]

Default value: undef

ignoreip

Data type: Array[Stdlib::IP::Address]

Default value: []

config_dir_filter_path

Data type: Stdlib::Absolutepath

Default value: $fail2ban::config_dir_filter_path

config_file_owner

Data type: Optional[String]

Default value: $fail2ban::config_file_owner

config_file_group

Data type: Optional[String]

Default value: $fail2ban::config_file_group

config_file_mode

Data type: Optional[String]

Default value: $fail2ban::config_file_mode

config_file_source

Data type: Optional[String]

Default value: $fail2ban::config_file_source

config_file_notify

Data type: Optional[String]

Default value: $fail2ban::config_file_notify

config_file_require

Data type: Optional[String]

Default value: $fail2ban::config_file_require