Use a custom sendmail conf to only send a mail on ban
This commit is contained in:
parent
be1410934a
commit
b81e45174b
|
@ -12,7 +12,7 @@ logpath = /var/log/sshd/current
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=SSH,dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=SSH,dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
}
|
||||
|
|
|
@ -18,7 +18,7 @@ logpath = /var/log/dovecot/current
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=Dovecot,dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=Dovecot,dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
|||
maxretry = $max
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"Qpsmtpd\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"Qpsmtpd\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
}
|
||||
|
|
|
@ -16,7 +16,7 @@ logpath = /var/log/httpd/error_log
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"Apache (overflows)\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"Apache (overflows)\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
@ -28,7 +28,7 @@ logpath = /var/log/httpd/error_log
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"Apache (noscript)\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"Apache (noscript)\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
@ -40,7 +40,7 @@ logpath = /var/log/httpd/error_log
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"Apache (scan)\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"Apache (scan)\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
@ -52,6 +52,6 @@ logpath = /var/log/httpd/error_log
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"Apache (auth)\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"Apache (auth)\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
}
|
||||
|
|
|
@ -4,4 +4,7 @@ enabled = true
|
|||
filter = pam-generic
|
||||
logpath = /var/log/secure
|
||||
action = smeserver[bantime={"$bantime"}]
|
||||
|
||||
{
|
||||
$OUT .= " smeserver-sendmail[name=SSH,dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
}
|
||||
|
|
|
@ -16,7 +16,7 @@ logpath = /var/log/sogo/sogo.log
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"SOGo\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"SOGo\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
}
|
||||
|
|
|
@ -16,7 +16,7 @@ logpath = /var/log/messages
|
|||
action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
|
||||
EOF
|
||||
|
||||
$OUT .= " sendmail[name=\"LemonLDAP::NG\",dest=$maildest]\n"
|
||||
$OUT .= " smeserver-sendmail[name=\"LemonLDAP::NG\",dest=$maildest]\n"
|
||||
if ($mail eq 'enabled');
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
|
||||
[Definition]
|
||||
|
||||
actionstart =
|
||||
actionstop =
|
||||
actioncheck =
|
||||
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
|
||||
From: Fail2Ban <<sender>>
|
||||
To: <dest>\n
|
||||
Hi,\n
|
||||
The IP <ip> has just been banned by Fail2Ban after
|
||||
<failures> attempts against <name>.\n
|
||||
Regards,\n
|
||||
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
|
||||
actionunban =
|
||||
|
||||
[Init]
|
||||
name = default
|
||||
dest = root
|
||||
sender = fail2ban
|
||||
|
Loading…
Reference in New Issue