Fail2ban config start: The Chicken first

5eb43f4a · latham · 3a741161 · 5eb43f4a · 5eb43f4a · 5eb43f4a
Commit 5eb43f4a authored May 17, 2011 by latham
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -133,6 +133,7 @@ class installer_base {
 		if(is_installed('squid')) $conf['squid']['installed'] = true;
 		if(is_installed('nginx')) $conf['nginx']['installed'] = true;
 		if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+		if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
 		if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
 		
 		if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
@@ -1898,4 +1899,4 @@ class installer_base {
 	}
 }

-?>
+?>
\ No newline at end of file
--- a/install/tpl/dovecot-pop3imap.conf.master
+++ b/install/tpl/dovecot-pop3imap.conf.master
+[Definition]
+failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.*
+ignoreregex =
--- a/install/tpl/dovecot_fail2ban_jail.local.master
+++ b/install/tpl/dovecot_fail2ban_jail.local.master
+[dovecot-pop3imap]
+enabled = true
+filter = dovecot-pop3imap
+action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
+# optionaly mail notification # mail[name=dovecot-pop3imap, dest=root@domain] # see /etc/fail2ban/action.d/ or Fail2Ban doc
+logpath = /var/log/maillog
+maxretry = 20
+findtime = 1200
+bantime = 1200
+