From c98547df62850f9904166456b08d3a8992235596 Mon Sep 17 00:00:00 2001
From: Nicolas KAROLAK <nicolas@karolak.fr>
Date: Tue, 11 Sep 2018 17:53:28 +0200
Subject: [PATCH] fix(fail2ban): separate jails
---
2.Common_services/8.Fail2ban/0_setup.py | 35 ++++++++++++++++---
.../8.Fail2ban/jail.d/mediaserver.conf | 20 -----------
.../8.Fail2ban/jail.d/monitor.conf | 9 +++++
.../8.Fail2ban/jail.d/skyreach.conf | 9 +++++
4 files changed, 49 insertions(+), 24 deletions(-)
create mode 100644 2.Common_services/8.Fail2ban/jail.d/monitor.conf
create mode 100644 2.Common_services/8.Fail2ban/jail.d/skyreach.conf
diff --git a/2.Common_services/8.Fail2ban/0_setup.py b/2.Common_services/8.Fail2ban/0_setup.py
index 8090ed1a..d2fb1635 100644
--- a/2.Common_services/8.Fail2ban/0_setup.py
+++ b/2.Common_services/8.Fail2ban/0_setup.py
@@ -1,5 +1,5 @@
#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
+
import os
import utils
@@ -30,7 +30,9 @@ def setup(interactive=True):
template='%s/filter.d/mediaserver.conf' % dir_path,
target='/etc/fail2ban/filter.d/mediaserver.conf'
),
- dict(
+ ]
+ if os.path.exists("/home/msuser/mstmp/mediaserver.log"):
+ cmds.append(dict(
line='write',
template='%s/jail.d/mediaserver.conf' % dir_path,
target='/etc/fail2ban/jail.d/mediaserver.conf',
@@ -41,8 +43,33 @@ def setup(interactive=True):
('{{ maxretry }}', maxretry),
('{{ bantime }}', bantime),
)
- ),
- ]
+ ))
+ if os.path.exists("/home/skyreach/.skyreach/logs/skyreach.log"):
+ cmds.append(dict(
+ line='write',
+ template='%s/jail.d/skyreach.conf' % dir_path,
+ target='/etc/fail2ban/jail.d/skyreach.conf',
+ params=(
+ ('{{ action }}', action),
+ ('{{ sender }}', sender),
+ ('{{ destemail }}', destemail),
+ ('{{ maxretry }}', maxretry),
+ ('{{ bantime }}', bantime),
+ )
+ ))
+ if os.path.exists("/home/msmonitor/msmonitor/logs/site.log"):
+ cmds.append(dict(
+ line='write',
+ template='%s/jail.d/monitor.conf' % dir_path,
+ target='/etc/fail2ban/jail.d/monitor.conf',
+ params=(
+ ('{{ action }}', action),
+ ('{{ sender }}', sender),
+ ('{{ destemail }}', destemail),
+ ('{{ maxretry }}', maxretry),
+ ('{{ bantime }}', bantime),
+ )
+ ))
utils.run_commands(cmds)
# restart fail2ban
utils.log('Enable and restart fail2ban')
diff --git a/2.Common_services/8.Fail2ban/jail.d/mediaserver.conf b/2.Common_services/8.Fail2ban/jail.d/mediaserver.conf
index edc63e2b..1e21cb94 100644
--- a/2.Common_services/8.Fail2ban/jail.d/mediaserver.conf
+++ b/2.Common_services/8.Fail2ban/jail.d/mediaserver.conf
@@ -7,23 +7,3 @@ logpath = /home/*/mstmp/mediaserver.log
action = %({{ action }})s
sender = {{ sender }}
destemail = {{ destemail }}
-
-[skyreach]
-enabled = true
-filter = mediaserver
-maxretry = {{ maxretry }}
-bantime = {{ bantime }}
-logpath = /home/skyreach/.skyreach/logs/skyreach.log
-action = %({{ action }})s
-sender = {{ sender }}
-destemail = {{ destemail }}
-
-[monitor]
-enabled = true
-filter = mediaserver
-maxretry = {{ maxretry }}
-bantime = {{ bantime }}
-logpath = /home/msmonitor/msmonitor/logs/site.log
-action = %({{ action }})s
-sender = {{ sender }}
-destemail = {{ destemail }}
diff --git a/2.Common_services/8.Fail2ban/jail.d/monitor.conf b/2.Common_services/8.Fail2ban/jail.d/monitor.conf
new file mode 100644
index 00000000..3e2b8ca6
--- /dev/null
+++ b/2.Common_services/8.Fail2ban/jail.d/monitor.conf
@@ -0,0 +1,9 @@
+[monitor]
+enabled = true
+filter = mediaserver
+maxretry = {{ maxretry }}
+bantime = {{ bantime }}
+logpath = /home/msmonitor/msmonitor/logs/site.log
+action = %({{ action }})s
+sender = {{ sender }}
+destemail = {{ destemail }}
diff --git a/2.Common_services/8.Fail2ban/jail.d/skyreach.conf b/2.Common_services/8.Fail2ban/jail.d/skyreach.conf
new file mode 100644
index 00000000..436a4872
--- /dev/null
+++ b/2.Common_services/8.Fail2ban/jail.d/skyreach.conf
@@ -0,0 +1,9 @@
+[skyreach]
+enabled = true
+filter = mediaserver
+maxretry = {{ maxretry }}
+bantime = {{ bantime }}
+logpath = /home/skyreach/.skyreach/logs/skyreach.log
+action = %({{ action }})s
+sender = {{ sender }}
+destemail = {{ destemail }}
--
GitLab