3 changed files with 0 additions and 83 deletions
--- a/.gitignore
+++ b/.gitignore
@ -12,6 +12,3 @@ htmlcov/
 dist/
 build/
 *.egg-info/
-
-coverage.xml
-report.xml
--- a/README.md
+++ b/README.md
@ -1,80 +1,3 @@
 [![pipeline status](https://gitlab.niet.verweg.com/ruben/jail2ban-pf/badges/main/pipeline.svg)](https://gitlab.niet.verweg.com/ruben/jail2ban-pf/-/commits/main)
 [![coverage report](https://gitlab.niet.verweg.com/ruben/jail2ban-pf/badges/main/coverage.svg)](https://gitlab.niet.verweg.com/ruben/jail2ban-pf/-/commits/main)

-
-## Installation
-
-
-* Install uwsgi 
-
- sudo pkg install www/uwsgi
-
-* Use the following for configuring uwsgi in rc.conf
-
- sudo sysrc uwsgi\_enable="YES"
- sudo sysrc uwsgi\_profiles="jail2ban\_pf"
- sudo sysrc uwsgi\_jail2ban\_pf\_flags="-L -M --uid \_jail2ban --python-path /opt/jail2ban-pf --wsgi-file /opt/jail2ban-pf/wsgi.py --stats 127.0.0.1:9191 --socket 127.0.0.1:3031 --chdir /var/empty --callable app --manage-script-name"
-
-* Configure <installation root>/instance/config.py
-
- SECRET\_KEY = os.urandom(32).hex()
- AUTHFILE = '/usr/local/etc/jail2ban-pf-users.txt'
-
-
-* Configure a nginx upstream and vhost
-
-_Of course you can listen on ipv4/ipv6 but you want to protect these addresses from inadvertent or malicious probes_
-
-    upstream uwsgi_pf_jail2ban {
-        server 127.0.0.1:3031;
-    }
-
-    server {
-        listen       unix:/path/to/jail_1/var/run/pf2ban/pf_jail2ban.sock;
-        listen       unix:/path/to/jail_2/var/run/pf2ban/pf_jail2ban.sock;
-        listen       unix:/path/to/jail_3/var/run/pf2ban/pf_jail2ban.sock;
-        server_name  _;
-
-        location / {
-            index     index.html index.htm index.php;
-            allow all;
-            include /usr/local/etc/nginx/uwsgi_params-dist;
-            uwsgi_pass uwsgi_pf_jail2ban;
-        }
-    }
-
-* Place anchors in pf for jail2ban to use
-
-
- anchor "f2b/*"
- anchor f2b-jail {
-     anchor "jail1_fqdn" to { <addr_jail1>, <addr_extra_jail1>, <addr_extra6_jail1> }
-     anchor "jail2_fqdn" to { <addr_jail2>, <addr_extra_jail2>, <addr_extra6_jail2> }
-     anchor "jail3_fqdn" to { <addr_jail3>, <addr_extra_jail3>, <addr_extra6_jail3> }
- }
-
-Having seperate anchors per jail makes it possible to have fine grained
-blocking: Something that is harmful to jail2 might be perfectly legit for jail2.
-
-Fail2ban will (re)create the per anchor rules on startup, and populate the designated address tables with offenders, e.g.:
-
- sudo pfctl -a f2b-jail/jail1\_fqdn -T show -t f2b-recidive
- 192.0.2.66
- 2001:db8:abad:cafe:0bad:f00d
-
-And the rules referencing these tables
-
- sudo pfctl -a 'f2b-jail/jail1\_fqdn' -s rules
- block drop quick proto tcp from <f2b-dovecot> to any port = pop3
- block drop quick proto tcp from <f2b-dovecot> to any port = pop3s
- block drop quick proto tcp from <f2b-dovecot> to any port = imap
- block drop quick proto tcp from <f2b-dovecot> to any port = imaps
- block drop quick proto tcp from <f2b-dovecot> to any port = submission
- block drop quick proto tcp from <f2b-dovecot> to any port = smtps
- block drop quick proto tcp from <f2b-dovecot> to any port = sieve
- block drop quick proto tcp from <f2b-sendmail-auth> to any port = submission
- block drop quick proto tcp from <f2b-sendmail-auth> to any port = smtps
- block drop quick proto tcp from <f2b-sendmail-auth> to any port = smtp
- block drop quick proto tcp from <f2b-sshd> to any port = ssh
- block drop quick proto tcp from <f2b-recidive> to any
-
--- a/wsgi.py
+++ b/wsgi.py
@ -1,3 +0,0 @@
-from jail2ban import create_app
-
-app = create_app()