From 0b491c9723a9bb0535c183627566b499602b4c93 Mon Sep 17 00:00:00 2001
From: Marvin Zurborg <106014757+Sommerwiesel@users.noreply.github.com>
Date: Mon, 26 Dec 2022 01:09:45 +0100
Subject: [PATCH] Create nginxrepeatoffender-ufw.conf

Add a new action conf for ufw users
---
 .../action.d/nginxrepeatoffender-ufw.conf     | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 _fail2ban_addon/action.d/nginxrepeatoffender-ufw.conf

diff --git a/_fail2ban_addon/action.d/nginxrepeatoffender-ufw.conf b/_fail2ban_addon/action.d/nginxrepeatoffender-ufw.conf
new file mode 100644
index 00000000000..a3823124a41
--- /dev/null
+++ b/_fail2ban_addon/action.d/nginxrepeatoffender-ufw.conf
@@ -0,0 +1,26 @@
+# action for nginx-ultimate-bad-bot-blocker fail2ban-addon to use ufw as the blocking firewall
+# works with ipv4 and ipv6
+# to use this change banaction = nginxrepeatoffender in jail.local to banaction = nginxrepeatoffender-ufw
+[Definition]
+
+actionstart = 
+actionstop = 
+actioncheck = 
+actionban = [ -n "<application>" ] && app="app <application>"
+              ufw prepend <blocktype> from <ip> to <destination> $app comment "Fail2Ban Repeated Offender"
+
+actionunban = [ -n "<application>" ] && app="app <application>"
+              ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: blocktype
+# Notes.: reject or deny
+blocktype = deny
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application =