fail2ban/config/action.d/sendmail-whois-lines.conf

# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
#

[INCLUDES]

before = sendmail-common.conf

[Definition]

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
            Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
            From: <sendername> <<sender>>
            To: <dest>\n
            Hi,\n
            The IP <ip> has just been banned by Fail2Ban after
            <failures> attempts against <name>.\n\n
            Here is more information about <ip>:\n
            `/usr/bin/whois <ip> || echo missing whois program`\n\n
            Lines containing IP:<ip> in <logpath>\n
            `grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
            Regards,\n
            Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>

[Init]

# Default name of the chain
#
name = default

# Path to the log files which contain relevant lines for the abuser IP
#
logpath = /dev/null
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`# Fail2Ban configuration file`
			`#`
			`# Author: Cyril Jaquier`
			`#`
			`#`

Move sendmail settings to common file, make sender name configurable 2013-07-02 18:30:41 +00:00			`[INCLUDES]`

			`before = sendmail-common.conf`

- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`[Definition]`

			`# Option: actionban`
			`# Notes.: command executed when banning an IP. Take care that the`
			`# command is executed with Fail2Ban user rights.`
DOC: tags are documented in the jail.conf(5) man page 2013-03-16 23:52:49 +00:00			`# Tags: See jail.conf(5) man page`
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`# Values: CMD`
			`#`
ENH - Added server name to subject line in email notifications This is useful when fail2ban is running on multiple servers and keeping the notifictions separate and knowing which machine is "under attack". 2013-09-08 22:21:58 +00:00			actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
BF: ensure dates in email are in the C locale. Thanks iGeorgeX 2013-04-29 04:10:23 +00:00			Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
Move sendmail settings to common file, make sender name configurable 2013-07-02 18:30:41 +00:00			`From: <sendername> <<sender>>`
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`To: <dest>\n`
			`Hi,\n`
			`The IP <ip> has just been banned by Fail2Ban after`
			`<failures> attempts against <name>.\n\n`
DOC: correct grammar - s/Here are more information/Here is more information/ 2013-12-04 11:40:48 +00:00			`Here is more information about <ip>:\n`
BF: put notice in email if whois program could not provide more information. Closes gh-471 2013-12-04 11:43:06 +00:00			`/usr/bin/whois <ip> \|\| echo missing whois program`\n\n
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`Lines containing IP:<ip> in <logpath>\n`
BF: grep matches on <ip> shouldn't include other IPs 2013-11-30 07:01:45 +00:00			`grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`Regards,\n`
			`Fail2Ban" \| /usr/sbin/sendmail -f <sender> <dest>`

			`[Init]`

Fixed typos 2013-03-10 22:05:33 +00:00			`# Default name of the chain`
- Added sendmail actions. The action started with "mail" are now deprecated. Thanks to Raphaël Marichez - Fixed a small typo git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@595 a942ae1a-1317-0410-a47c-b1dcaea8d605 2007-07-05 16:10:33 +00:00			`#`
			`name = default`

			`# Path to the log files which contain relevant lines for the abuser IP`
			`#`
			`logpath = /dev/null`