koozali
/
smeserver-fail2ban
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Possibility to disable jails for individual services

This commit is contained in:
Daniel Berteaud 2013-05-09 14:30:57 +02:00
parent 77ba56b52e
commit e4db556bf3
8 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh
View File

@ -2,7 +2,8 @@
my $port = $sshd{'TCPPort'} || '22';
my $status = $sshd{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $sshd{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
$OUT .=<<"EOF";
[ssh]

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot
View File

@ -1,7 +1,8 @@
{
my $status = $dovecot{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $dovecot{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my @ports = ();
push @ports, ($imap{'TCPPort'} || '143')
if (($imap{'status'} || 'disabled') eq 'enabled');

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd
View File

@ -1,7 +1,8 @@
{
my $status = $smtpd{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $qpsmtpd{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my @ports = ();
push @ports, ($smtpd{'TCPPort'} || '25');
push @ports, ($ssmtpd{'TCPPort'} || '465')

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd
View File

@ -1,7 +1,8 @@
{
my $status = ${'httpd-e-smith'}{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = ${'httpd-e-smith'}{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my @ports = ();
push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80');
push @ports, ($modSSL{'TCPPort'} || '443');

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo
View File

@ -1,7 +1,8 @@
{
my $status = $sogod{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $sogod{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my @ports = ();
push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80');
push @ports, ($modSSL{'TCPPort'} || '443');

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG
View File

@ -1,7 +1,8 @@
{
my $status = ${'lemonldap-ng'}{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = ${'lemonldap-ng'}{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my @ports = ();
push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80');
push @ports, ($modSSL{'TCPPort'} || '443');

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service45ftp
View File

@ -2,7 +2,8 @@
my $port = $ftp{'TCPPort'} || '21';
my $status = $ftp{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $ftp{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
# add the data channel port
$port .= ',20';
$OUT .=<<"EOF";

3
root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service50Ejabberd
View File

@ -1,7 +1,8 @@
{
my $status = $ejabberd{'status'} || 'disabled';
return "" if ($status ne 'enabled');
my $f2b = $ejabberd{'Fail2Ban'} || 'enabled';
return "" if (($status ne 'enabled') || ($f2b ne 'enabled'));
my $port = $ejabberd{'TCPPorts'} || '5222,5223,5269';
$OUT .=<<"EOF";