[krawl]
enabled = true
filter = krawl
logpath = /path/to/malicious_ips.txt ; update this path to where your krawl malicious IPs are logged
backend = auto
maxretry = 1
findtime = 1
bantime = 2592000 ; 30 days 
action = iptables-allports[name=krawl-ban, port=all, protocol=all]