diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh index dcfc316..fb8f8f9 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service10ssh @@ -2,7 +2,8 @@ my $port = $sshd{'TCPPort'} || '22'; my $status = $sshd{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $sshd{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); $OUT .=<<"EOF"; [ssh] diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot index f369b12..15549f2 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service15dovecot @@ -1,7 +1,8 @@ { my $status = $dovecot{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $dovecot{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my @ports = (); push @ports, ($imap{'TCPPort'} || '143') if (($imap{'status'} || 'disabled') eq 'enabled'); diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd index 8190b18..737b6a7 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service20qpsmtpd @@ -1,7 +1,8 @@ { my $status = $smtpd{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $qpsmtpd{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my @ports = (); push @ports, ($smtpd{'TCPPort'} || '25'); push @ports, ($ssmtpd{'TCPPort'} || '465') diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd index f41257b..16d7d84 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service25httpd @@ -1,7 +1,8 @@ { my $status = ${'httpd-e-smith'}{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = ${'httpd-e-smith'}{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my @ports = (); push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80'); push @ports, ($modSSL{'TCPPort'} || '443'); diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo index 149e09a..8c6fe77 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service35SOGo @@ -1,7 +1,8 @@ { my $status = $sogod{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $sogod{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my @ports = (); push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80'); push @ports, ($modSSL{'TCPPort'} || '443'); diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG index eee554b..189b450 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service40LemonLDAPNG @@ -1,7 +1,8 @@ { my $status = ${'lemonldap-ng'}{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = ${'lemonldap-ng'}{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my @ports = (); push @ports, (${'httpd-e-smith'}{'TCPPort'} || '80'); push @ports, ($modSSL{'TCPPort'} || '443'); diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service45ftp b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service45ftp index da62eef..1a9e48d 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service45ftp +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service45ftp @@ -2,7 +2,8 @@ my $port = $ftp{'TCPPort'} || '21'; my $status = $ftp{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $ftp{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); # add the data channel port $port .= ',20'; $OUT .=<<"EOF"; diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service50Ejabberd b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service50Ejabberd index 770938e..bae5df6 100644 --- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service50Ejabberd +++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/30Service50Ejabberd @@ -1,7 +1,8 @@ { my $status = $ejabberd{'status'} || 'disabled'; -return "" if ($status ne 'enabled'); +my $f2b = $ejabberd{'Fail2Ban'} || 'enabled'; +return "" if (($status ne 'enabled') || ($f2b ne 'enabled')); my $port = $ejabberd{'TCPPorts'} || '5222,5223,5269'; $OUT .=<<"EOF";