diff --git a/conf/fail2ban/jails.conf b/conf/fail2ban/jails.conf index c4b1d2f5..dc4c819c 100644 --- a/conf/fail2ban/jails.conf +++ b/conf/fail2ban/jails.conf @@ -5,7 +5,7 @@ # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks # ping services over the public interface so we should whitelist that address of # ours too. The string is substituted during installation. -ignoreip = 127.0.0.1/8 PUBLIC_IP ADMIN_HOME_IP +ignoreip = 127.0.0.1/8 PUBLIC_IP PUBLIC_IPV6 ADMIN_HOME_IP ADMIN_HOME_IPV6 bantime = 15m findtime = 120m maxretry = 4 diff --git a/setup/start.sh b/setup/start.sh index 3a2dfc45..601b0f1d 100755 --- a/setup/start.sh +++ b/setup/start.sh @@ -101,6 +101,7 @@ PRIVATE_IP=$PRIVATE_IP PRIVATE_IPV6=$PRIVATE_IPV6 MTA_STS_MODE=${DEFAULT_MTA_STS_MODE:-enforce} ADMIN_HOME_IP=$ADMIN_HOME_IP +ADMIN_HOME_IPV6= EOF # Start service configuration. diff --git a/setup/system.sh b/setup/system.sh index ddf86ec3..2720b738 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -349,6 +349,8 @@ rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we c cat conf/fail2ban/jails.conf \ | sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | sed "s/ADMIN_HOME_IP/$ADMIN_HOME_IP/g" \ + | sed "s/PUBLIC_IPV6/$PUBLIC_IPV6/g" \ + | sed "s/ADMIN_HOME_IPV6/$ADMIN_HOME_IPV6/g" \ | sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \ > /etc/fail2ban/jail.d/00-mailinabox.conf cp -f conf/fail2ban/filter.d/* /etc/fail2ban/filter.d/