Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
0cdcd5b673 | ||
|
|
12dc849ad3 | ||
|
|
47f47e784d | ||
|
|
af31e1fe07 | ||
|
|
dab8e07069 | ||
|
|
a4b5dae912 | ||
|
|
a7458e33ce |
@@ -1,5 +1,5 @@
|
||||
name 'netmanagers-fail2ban'
|
||||
version '1.2.1'
|
||||
version '1.3.1'
|
||||
author 'Javier Bertoli'
|
||||
license 'Apache2'
|
||||
project_page 'http://www.netmanagers.com.ar'
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
# Defaults to true
|
||||
# $filter - The filter rule to use.
|
||||
# If empty, defaults to == $jailname.
|
||||
# $ignoreip - Don't ban a host which matches an address in this list.
|
||||
# $port - The port to filter. It can be an array of ports.
|
||||
# $logpath - The log file to monitor
|
||||
# $maxretry - How many fails are acceptable
|
||||
@@ -29,6 +30,7 @@ define fail2ban::jail (
|
||||
$order = '',
|
||||
$status = '',
|
||||
$filter = '',
|
||||
$ignoreip = '',
|
||||
$port = '',
|
||||
$action = '',
|
||||
$logpath = '',
|
||||
@@ -62,6 +64,14 @@ define fail2ban::jail (
|
||||
default => $filter,
|
||||
}
|
||||
|
||||
$array_ignoreip = is_array($ignoreip) ? {
|
||||
false => $ignoreip ? {
|
||||
'' => [],
|
||||
default => [$ignoreip],
|
||||
},
|
||||
default => $ignoreip,
|
||||
}
|
||||
|
||||
$array_port = is_array($port) ? {
|
||||
false => $port ? {
|
||||
'' => [],
|
||||
|
||||
@@ -39,6 +39,7 @@ filter = fail2ban::jail
|
||||
:port => ['42', '43'],
|
||||
:logpath => '/path/to/somelog',
|
||||
:enable => true,
|
||||
:ignoreip => [ '10.3.2.0/24', '192.168.56.0/24' ],
|
||||
:findtime => '9000',
|
||||
:maxretry => '5',
|
||||
:bantime => '3600',
|
||||
@@ -53,6 +54,7 @@ filter = fail2ban::jail
|
||||
[fail2ban::jail]
|
||||
enabled = true
|
||||
filter = fail2ban::jail
|
||||
ignoreip = 10.3.2.0/24 192.168.56.0/24
|
||||
port = 42,43
|
||||
action = iptables[name=SSH, port=ssh, protocol=tcp]
|
||||
mail-whois[name=SSH, dest=yourmail@mail.com]
|
||||
|
||||
@@ -4,6 +4,9 @@ enabled = <%= @real_status %>
|
||||
<% if @real_filter != '' -%>
|
||||
filter = <%= @real_filter %>
|
||||
<% end -%>
|
||||
<% if @array_ignoreip != [] -%>
|
||||
ignoreip = <%= @array_ignoreip * ' ' %>
|
||||
<% end -%>
|
||||
<% if @array_port != [] -%>
|
||||
port = <%= @array_port * ',' %>
|
||||
<% end -%>
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# This file is managed by Puppet. DO NOT EDIT.
|
||||
[DEFAULT]
|
||||
ignoreip = <%= scope.lookupvar('fail2ban::ignoreip') %>
|
||||
ignoreip = <%= scope.lookupvar('fail2ban::ignoreip') * ' ' %>
|
||||
bantime = <%= scope.lookupvar('fail2ban::bantime') %>
|
||||
findtime = <%= scope.lookupvar('fail2ban::findtime') %>
|
||||
maxretry = <%= scope.lookupvar('fail2ban::maxretry') %>
|
||||
|
||||
Reference in New Issue
Block a user