Use a custom sendmail conf to only send a mail on ban

tags/0.0.1
Daniel Berteaud 12 years ago
parent be1410934a
commit b81e45174b
  1. 2
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh
  2. 2
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot
  3. 2
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd
  4. 8
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd
  5. 5
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service30pam
  6. 2
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo
  7. 2
      root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG
  8. 21
      root/etc/fail2ban/action.d/smeserver-sendmail.conf

@ -12,7 +12,7 @@ logpath = /var/log/sshd/current
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=SSH,dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=SSH,dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -18,7 +18,7 @@ logpath = /var/log/dovecot/current
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=Dovecot,dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=Dovecot,dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -20,7 +20,7 @@ action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
maxretry = $max maxretry = $max
EOF EOF
$OUT .= " sendmail[name=\"Qpsmtpd\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"Qpsmtpd\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -16,7 +16,7 @@ logpath = /var/log/httpd/error_log
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"Apache (overflows)\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"Apache (overflows)\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
$OUT .=<<"EOF"; $OUT .=<<"EOF";
@ -28,7 +28,7 @@ logpath = /var/log/httpd/error_log
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"Apache (noscript)\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"Apache (noscript)\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
$OUT .=<<"EOF"; $OUT .=<<"EOF";
@ -40,7 +40,7 @@ logpath = /var/log/httpd/error_log
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"Apache (scan)\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"Apache (scan)\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
$OUT .=<<"EOF"; $OUT .=<<"EOF";
@ -52,6 +52,6 @@ logpath = /var/log/httpd/error_log
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"Apache (auth)\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"Apache (auth)\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -4,4 +4,7 @@ enabled = true
filter = pam-generic filter = pam-generic
logpath = /var/log/secure logpath = /var/log/secure
action = smeserver[bantime={"$bantime"}] action = smeserver[bantime={"$bantime"}]
{
$OUT .= " smeserver-sendmail[name=SSH,dest=$maildest]\n"
if ($mail eq 'enabled');
}

@ -16,7 +16,7 @@ logpath = /var/log/sogo/sogo.log
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"SOGo\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"SOGo\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -16,7 +16,7 @@ logpath = /var/log/messages
action = smeserver[port="$port",protocol=tcp,bantime=$bantime] action = smeserver[port="$port",protocol=tcp,bantime=$bantime]
EOF EOF
$OUT .= " sendmail[name=\"LemonLDAP::NG\",dest=$maildest]\n" $OUT .= " smeserver-sendmail[name=\"LemonLDAP::NG\",dest=$maildest]\n"
if ($mail eq 'enabled'); if ($mail eq 'enabled');
} }

@ -0,0 +1,21 @@
[Definition]
actionstart =
actionstop =
actioncheck =
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
From: Fail2Ban <<sender>>
To: <dest>\n
Hi,\n
The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n
Regards,\n
Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
actionunban =
[Init]
name = default
dest = root
sender = fail2ban
Loading…
Cancel
Save