From 060bd4529567172b5b957511fa71ee8a65090333 Mon Sep 17 00:00:00 2001 From: Beau Raines Date: Sun, 8 Sep 2013 15:21:58 -0700 Subject: [PATCH] ENH - Added server name to subject line in email notifications This is useful when fail2ban is running on multiple servers and keeping the notifictions separate and knowing which machine is "under attack". --- THANKS | 1 + config/action.d/mail-buffered.conf | 6 +++--- config/action.d/mail-whois-lines.conf | 6 +++--- config/action.d/mail-whois.conf | 6 +++--- config/action.d/mail.conf | 6 +++--- config/action.d/sendmail-buffered.conf | 8 ++++---- config/action.d/sendmail-whois-lines.conf | 6 +++--- config/action.d/sendmail-whois.conf | 6 +++--- config/action.d/sendmail.conf | 6 +++--- 9 files changed, 26 insertions(+), 25 deletions(-) diff --git a/THANKS b/THANKS index 2da6614f..d5910297 100644 --- a/THANKS +++ b/THANKS @@ -10,6 +10,7 @@ Andrey G. Grozin Andy Fragen Arturo 'Buanzo' Busleiman Axel Thimm +Beau Raines Bill Heaton Carlos Alberto Lopez Perez Christian Rauch diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf index 7ff17cf2..914d4a5a 100644 --- a/config/action.d/mail-buffered.conf +++ b/config/action.d/mail-buffered.conf @@ -14,7 +14,7 @@ actionstart = printf %%b "Hi,\n The jail has been started successfully.\n Output will be buffered until lines are available.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : started" + Fail2Ban"|mail -s "[Fail2Ban] : started on `uname -n`" # Option: actionstop # Notes.: command executed once at the end of Fail2Ban @@ -25,13 +25,13 @@ actionstop = if [ -f ]; then These hosts have been banned by Fail2Ban.\n `cat ` Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : Summary" + Fail2Ban"|mail -s "[Fail2Ban] : Summary from `uname -n`" rm fi printf %%b "Hi,\n The jail has been stopped.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : stopped" + Fail2Ban"|mail -s "[Fail2Ban] : stopped on `uname -n`" # Option: actioncheck # Notes.: command executed once before each actionban command diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf index d30e266d..758c4eff 100644 --- a/config/action.d/mail-whois-lines.conf +++ b/config/action.d/mail-whois-lines.conf @@ -13,7 +13,7 @@ actionstart = printf %%b "Hi,\n The jail has been started successfully.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : started" + Fail2Ban"|mail -s "[Fail2Ban] : started on `uname -n`" # Option: actionstop # Notes.: command executed once at the end of Fail2Ban @@ -22,7 +22,7 @@ actionstart = printf %%b "Hi,\n actionstop = printf %%b "Hi,\n The jail has been stopped.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : stopped" + Fail2Ban"|mail -s "[Fail2Ban] : stopped on `uname -n`" # Option: actioncheck # Notes.: command executed once before each actionban command @@ -44,7 +44,7 @@ actionban = printf %%b "Hi,\n Lines containing IP: in \n `grep '\<\>' `\n\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : banned " + Fail2Ban"|mail -s "[Fail2Ban] : banned from `uname -n`" # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf index f58ae535..fa133ab3 100644 --- a/config/action.d/mail-whois.conf +++ b/config/action.d/mail-whois.conf @@ -13,7 +13,7 @@ actionstart = printf %%b "Hi,\n The jail has been started successfully.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : started" + Fail2Ban"|mail -s "[Fail2Ban] : started on `uname -n`" # Option: actionstop # Notes.: command executed once at the end of Fail2Ban @@ -22,7 +22,7 @@ actionstart = printf %%b "Hi,\n actionstop = printf %%b "Hi,\n The jail has been stopped.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : stopped" + Fail2Ban"|mail -s "[Fail2Ban] : stopped on `uname -n`" # Option: actioncheck # Notes.: command executed once before each actionban command @@ -42,7 +42,7 @@ actionban = printf %%b "Hi,\n Here are more information about :\n `whois `\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : banned " + Fail2Ban"|mail -s "[Fail2Ban] : banned from `uname -n`" # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf index f9a54979..7bf51a1d 100644 --- a/config/action.d/mail.conf +++ b/config/action.d/mail.conf @@ -13,7 +13,7 @@ actionstart = printf %%b "Hi,\n The jail has been started successfully.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : started" + Fail2Ban"|mail -s "[Fail2Ban] : started on `uname -n`" # Option: actionstop # Notes.: command executed once at the end of Fail2Ban @@ -22,7 +22,7 @@ actionstart = printf %%b "Hi,\n actionstop = printf %%b "Hi,\n The jail has been stopped.\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : stopped" + Fail2Ban"|mail -s "[Fail2Ban] : stopped on `uname -n`" # Option: actioncheck # Notes.: command executed once before each actionban command @@ -40,7 +40,7 @@ actionban = printf %%b "Hi,\n The IP has just been banned by Fail2Ban after attempts against .\n Regards,\n - Fail2Ban"|mail -s "[Fail2Ban] : banned " + Fail2Ban"|mail -s "[Fail2Ban] : banned from `uname -n`" # Option: actionunban # Notes.: command executed when unbanning an IP. Take care that the diff --git a/config/action.d/sendmail-buffered.conf b/config/action.d/sendmail-buffered.conf index f5ca6c10..80eb20a3 100644 --- a/config/action.d/sendmail-buffered.conf +++ b/config/action.d/sendmail-buffered.conf @@ -14,7 +14,7 @@ before = sendmail-common.conf # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = printf %%b "Subject: [Fail2Ban] : started +actionstart = printf %%b "Subject: [Fail2Ban] : started on `uname -n` From: <> To: \n Hi,\n @@ -28,7 +28,7 @@ actionstart = printf %%b "Subject: [Fail2Ban] : started # Values: CMD # actionstop = if [ -f ]; then - printf %%b "Subject: [Fail2Ban] : summary + printf %%b "Subject: [Fail2Ban] : summary from `uname -n` From: <> To: \n Hi,\n @@ -38,7 +38,7 @@ actionstop = if [ -f ]; then Fail2Ban" | /usr/sbin/sendmail -f rm fi - printf %%b "Subject: [Fail2Ban] : stopped + printf %%b "Subject: [Fail2Ban] : stopped on `uname -n` From: Fail2Ban <> To: \n Hi,\n @@ -61,7 +61,7 @@ actioncheck = actionban = printf %%b "`date`: ( failures)\n" >> LINE=$( wc -l | awk '{ print $1 }' ) if [ $LINE -ge ]; then - printf %%b "Subject: [Fail2Ban] : summary + printf %%b "Subject: [Fail2Ban] : summary from `uname -n` From: <> To: \n Hi,\n diff --git a/config/action.d/sendmail-whois-lines.conf b/config/action.d/sendmail-whois-lines.conf index 2cb27bd2..5a331e24 100644 --- a/config/action.d/sendmail-whois-lines.conf +++ b/config/action.d/sendmail-whois-lines.conf @@ -14,7 +14,7 @@ before = sendmail-common.conf # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = printf %%b "Subject: [Fail2Ban] : started +actionstart = printf %%b "Subject: [Fail2Ban] : started on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -27,7 +27,7 @@ actionstart = printf %%b "Subject: [Fail2Ban] : started # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = printf %%b "Subject: [Fail2Ban] : stopped +actionstop = printf %%b "Subject: [Fail2Ban] : stopped on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -48,7 +48,7 @@ actioncheck = # Tags: See jail.conf(5) man page # Values: CMD # -actionban = printf %%b "Subject: [Fail2Ban] : banned +actionban = printf %%b "Subject: [Fail2Ban] : banned from `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n diff --git a/config/action.d/sendmail-whois.conf b/config/action.d/sendmail-whois.conf index b111e19f..a65f9875 100644 --- a/config/action.d/sendmail-whois.conf +++ b/config/action.d/sendmail-whois.conf @@ -14,7 +14,7 @@ before = sendmail-common.conf # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = printf %%b "Subject: [Fail2Ban] : started +actionstart = printf %%b "Subject: [Fail2Ban] : started on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -27,7 +27,7 @@ actionstart = printf %%b "Subject: [Fail2Ban] : started # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = printf %%b "Subject: [Fail2Ban] : stopped +actionstop = printf %%b "Subject: [Fail2Ban] : stopped on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -48,7 +48,7 @@ actioncheck = # Tags: See jail.conf(5) man page # Values: CMD # -actionban = printf %%b "Subject: [Fail2Ban] : banned +actionban = printf %%b "Subject: [Fail2Ban] : banned from `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n diff --git a/config/action.d/sendmail.conf b/config/action.d/sendmail.conf index 55d388fc..70f38329 100644 --- a/config/action.d/sendmail.conf +++ b/config/action.d/sendmail.conf @@ -14,7 +14,7 @@ before = sendmail-common.conf # Notes.: command executed once at the start of Fail2Ban. # Values: CMD # -actionstart = printf %%b "Subject: [Fail2Ban] : started +actionstart = printf %%b "Subject: [Fail2Ban] : started on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -27,7 +27,7 @@ actionstart = printf %%b "Subject: [Fail2Ban] : started # Notes.: command executed once at the end of Fail2Ban # Values: CMD # -actionstop = printf %%b "Subject: [Fail2Ban] : stopped +actionstop = printf %%b "Subject: [Fail2Ban] : stopped on `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n @@ -48,7 +48,7 @@ actioncheck = # Tags: See jail.conf(5) man page # Values: CMD # -actionban = printf %%b "Subject: [Fail2Ban] : banned +actionban = printf %%b "Subject: [Fail2Ban] : banned from `uname -n` Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"` From: <> To: \n