ENH: action.d/hostsdeny to take daemon_list arguement as suggested in README.Solaris

2013-07-14 16:20:21 +10:00 · 2013-07-14 16:20:21 +10:00 · ab10664b57
parent 606e97683b
commit ab10664b57
4 changed files with 13 additions and 8 deletions
--- a/2
+++ b/2
@ -29,7 +29,7 @@ ver. 0.8.11 (2013/XX/XXX) - loves-unittests
  Daniel Black
  * action.d/hostsdeny -- NOTE: new dependancy 'ed'. Switched to use 'ed' across
    all platforms to ensure permissions are the same before and after a ban -
-		closes gh-266
+		closes gh-266. hostsdeny supports daemon_list now too.
 - New Features:
  Daniel Black & ykimon
   * filter.d/3proxy.conf -- filter added
--- a/README.Solaris
+++ b/README.Solaris
@ -99,7 +99,7 @@ REQ: Create /etc/fail2ban/jail.local containing:

 enabled     = true
 filter      = sshd
-action      = hostsdeny
+action      = hostsdeny[sshd]
              sendmail-whois[name=SSH, dest=you@example.com]
 ignoreregex = for myuser from
 logpath     = /var/adm/auth.log
@ -136,6 +136,4 @@ GOTCHAS AND FIXMES

 * Fail2ban adds lines like these to /etc/hosts.deny:

-    ALL: 1.2.3.4
-
-  wouldn't it be better to just block sshd?
+    sshd: 1.2.3.4
--- a/config/action.d/hostsdeny.conf
+++ b/config/action.d/hostsdeny.conf
@ -1,6 +1,7 @@
 # Fail2Ban configuration file
 #
 # Author: Cyril Jaquier
+# Edited for cross platform by: James Stout, Yaroslav Halchenko and Daniel Black
 #
 #

@ -31,7 +32,7 @@ actioncheck =
 # Values:  CMD
 #
 actionban = IP=<ip> &&
-            printf %%b "ALL: $IP\n" >> <file>
+            printf %%b "<daemon_list>: $IP\n" >> <file>

 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
@ -39,7 +40,7 @@ actionban = IP=<ip> &&
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionunban = echo "/ALL: <ip>$/<br>d<br>w<br>q" | ed <file>
+actionunban = echo "/^<daemon_list>: <ip>$/<br>d<br>w<br>q" | ed <file>

 [Init]

@ -48,3 +49,9 @@ actionunban = echo "/ALL: <ip>$/<br>d<br>w<br>q" | ed <file>
 # Values:  STR  Default:  /etc/hosts.deny
 #
 file = /etc/hosts.deny
+
+# Option:  daemon_list
+# Notes:   The list of services that this action will deny. See the man page
+#          for hosts.deny/hosts_access. Default is all services.
+# Values:  STR  Default: ALL
+daemon_list = ALL
--- a/config/jail.conf
+++ b/config/jail.conf
@ -103,7 +103,7 @@ logpath  = /root/path/to/assp/logs/maillog.txt

 enabled     = false
 filter      = sshd
-action      = hostsdeny
+action      = hostsdeny[daemon_list=sshd]
              sendmail-whois[name=SSH, dest=you@example.com]
 ignoreregex = for myuser from
 logpath     = /var/log/sshd.log