diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/15MaxRetries b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/15MaxRetries index 6194601..2a13d32 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/15MaxRetries +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/15MaxRetries @@ -1,5 +1,5 @@ { -my $maxretry = $fail2ban{'MaxRetry'} || '5'; +our $maxretry = $fail2ban{'MaxRetry'} || '5'; $OUT .= "maxretry = $maxretry"; diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd new file mode 100644 index 0000000..2e7f534 --- /dev/null +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd @@ -0,0 +1,26 @@ +{ + +my $status = $smtpd{'status'} || 'disabled'; +return "" if ($status ne 'enabled'); +my @ports = (); +push @ports, ($smtpd{'TCPPort'} || '25'); +push @ports, ($ssmtpd{'TCPPort'} || '465') + if (($ssmtpd{'status'} || 'disabled') eq 'enabled'); +my $port = join (",", @ports); + +my $max = $maxretry*3 + +$OUT .=<<"EOF"; + +[qpsmtpd] +enabled = true +filter = qpsmtpd +logpath = /var/log/*qpsmtpd/current +action = smeserver[port="$port",protocol=tcp,bantime=$bantime] +maxretry = $max +EOF + +$OUT .= " sendmail[name=\"Qpsmtpd\",dest=$maildest]\n" + if ($mail eq 'enabled'); + +} diff --git a/root/etc/fail2ban/filter.d/qpsmtpd.conf b/root/etc/fail2ban/filter.d/qpsmtpd.conf new file mode 100644 index 0000000..b3948d7 --- /dev/null +++ b/root/etc/fail2ban/filter.d/qpsmtpd.conf @@ -0,0 +1,9 @@ +[INCLUDES] +before = common.conf + +[Definition] + +_daemon = qpsmtpd + +failregex = ^\s*\d+\s*logging::logterse plugin \(deny\): ` \s*.*901.*msg denied before queued$ +ignoreregex =