From 5eb43f4af407ed4010b3e502884462db98f42567 Mon Sep 17 00:00:00 2001
From: latham <latham@ispconfig3>
Date: Tue, 17 May 2011 10:25:24 -0400
Subject: [PATCH] Fail2ban config start: The Chicken first

---
 install/lib/installer_base.lib.php             |    3 ++-
 install/tpl/dovecot_fail2ban_jail.local.master |   10 ++++++++++
 install/tpl/dovecot-pop3imap.conf.master       |    3 +++
 3 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index f5724bf..816efaf 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -133,6 +133,7 @@
 		if(is_installed('squid')) $conf['squid']['installed'] = true;
 		if(is_installed('nginx')) $conf['nginx']['installed'] = true;
 		if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+		if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
 		if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
 		
 		if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
@@ -1898,4 +1899,4 @@
 	}
 }
 
-?>
+?>
\ No newline at end of file
diff --git a/install/tpl/dovecot-pop3imap.conf.master b/install/tpl/dovecot-pop3imap.conf.master
new file mode 100644
index 0000000..d723a2d
--- /dev/null
+++ b/install/tpl/dovecot-pop3imap.conf.master
@@ -0,0 +1,3 @@
+[Definition]
+failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.*
+ignoreregex =
diff --git a/install/tpl/dovecot_fail2ban_jail.local.master b/install/tpl/dovecot_fail2ban_jail.local.master
new file mode 100644
index 0000000..69e923c
--- /dev/null
+++ b/install/tpl/dovecot_fail2ban_jail.local.master
@@ -0,0 +1,10 @@
+[dovecot-pop3imap]
+enabled = true
+filter = dovecot-pop3imap
+action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
+# optionaly mail notification # mail[name=dovecot-pop3imap, dest=root@domain] # see /etc/fail2ban/action.d/ or Fail2Ban doc
+logpath = /var/log/maillog
+maxretry = 20
+findtime = 1200
+bantime = 1200
+

--
Gitblit v1.9.1