mirror of https://github.com/fail2ban/fail2ban
ENH: remove dependency on querycontacts
parent
bfd435091d
commit
8c37d2e4de
|
@ -1,7 +1,6 @@
|
|||
# Fail2Ban action for sending xarf Login-Attack messages to IP owner
|
||||
#
|
||||
# This requires querycontact ( http://pypi.python.org/pypi/querycontacts/ )
|
||||
# sudo pip install querycontacts
|
||||
# This requires the dig command from bind-utils
|
||||
#
|
||||
# This uses the https://abusix.com/contactdb.html to lookup abuse contacts.
|
||||
#
|
||||
|
@ -28,8 +27,8 @@ actionstop =
|
|||
|
||||
actioncheck =
|
||||
|
||||
actionban = ADDRESSES=`querycontacts <ip>`
|
||||
IP=<ip>
|
||||
actionban = oifs=${IFS}; IFS=.;SEP_IP=( <ip> ); set -- ${SEP_IP} ;ADDRESSES=$(dig +short -t txt -q $4.$3.$2.$1.abuse-contacts.abusix.org); IFS=${oifs}
|
||||
IP=<ip>
|
||||
FROM=<sender>
|
||||
SERVICE=<service>
|
||||
FAILURES=<failures>
|
||||
|
@ -42,7 +41,7 @@ actionban = ADDRESSES=`querycontacts <ip>`
|
|||
(printf -- %%b "<header>\n<message>\n<report>\n${MATCHES}\n";
|
||||
date '+Note: Local timezone is %%z (%%Z)';
|
||||
tail -n <loglines> <logpath> | grep '[^0-9]<ip>[^0-9]';
|
||||
printf -- %%b "<footer>") | <mailcmd> <mailargs> $ADDRESSES
|
||||
printf -- %%b "<footer>") | <mailcmd> <mailargs> ${ADDRESSES//,/" "}
|
||||
fi
|
||||
|
||||
actionunban =
|
||||
|
|
Loading…
Reference in New Issue