# {{ ansible_managed }} [DEFAULT] # nftables banaction = nftables-multiport banaction_allports = nftables-allports # rules findtime = 3600 bantime = 86400 maxretry = 3 # notification destemail = {{ fail2ban_destemail }} sender = {{ fail2ban_sender }} action = %(action_mwl)s ignoreip = 127.0.0.1/8, ::1/128, {{ fail2ban_ignoreip | join(', ') }} [sshd] enabled = true port = {{ fail2ban_ssh_port }} [recidive] enabled = true