# fail2ban jail configuration for Gentoo workstation
# Place in /etc/fail2ban/jail.local

[DEFAULT]
# Ban settings
bantime  = 1h
findtime = 10m
maxretry = 3

# Use nftables for banning
banaction = nftables-multiport
banaction_allports = nftables-allports

# Email notifications (configure if needed)
destemail = root@localhost
sendername = Fail2Ban
action = %(action_)s

[sshd]
enabled = true
port    = ssh
logpath = /var/log/auth.log
backend = systemd
maxretry = 3
bantime = 1h
findtime = 10m

# Additional SSH protection for multiple failed attempts
[sshd-aggressive]
enabled = false
port    = ssh
logpath = /var/log/auth.log
backend = systemd
maxretry = 5
bantime = 24h
findtime = 1h