Initial release: F2B Control Center v1.0

Fail2Ban + Nginx Proxy Manager dashboard in a single Docker container.

Features:
- Auto-ban via badbot, http-errors, npm-probe, manual-bans, recidive jails
- Web dashboard: live ban grid, log scanner, per-IP access log viewer
- iptables-nft banning (DOCKER-USER + INPUT chains)
- Optional Cloudflare WAF banning
- Optional AbuseIPDB threat scoring
- Two-tier IP management: whitelist (trusted) vs exempt (reviewed)
- Auto log-file detection via logwatch (no restart needed for new NPM hosts)

fail2ban/filter.d/manual-bans.conf

@@ -0,0 +1,15 @@
+# ── F2B Control Center — manual-bans filter ──────────────────────────────────
+#
+# Empty filter — this jail is used exclusively for manual banning via the
+# dashboard or `fail2ban-client set manual-bans banip <IP>`.
+#
+# No log-based automatic detection is performed. Bans are permanent (bantime = -1)
+# and are only added or removed through explicit operator action.
+# ─────────────────────────────────────────────────────────────────────────────
+
+[Definition]
+
+# Empty failregex: no automatic log-based detection
+failregex =
+
+ignoreregex =