mirror of
				https://github.com/mail-in-a-box/mailinabox.git
				synced 2025-10-25 18:00:54 +00:00 
			
		
		
		
	improve handling of unconfigured ipv6
This commit is contained in:
		
							parent
							
								
									2d9aa20b36
								
							
						
					
					
						commit
						4e4055b956
					
				| @ -5,7 +5,7 @@ | |||||||
| # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks | # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks | ||||||
| # ping services over the public interface so we should whitelist that address of | # ping services over the public interface so we should whitelist that address of | ||||||
| # ours too. The string is substituted during installation. | # ours too. The string is substituted during installation. | ||||||
| ignoreip = 127.0.0.1/8 ::1/128 PUBLIC_IP PUBLIC_IPV6/64 ADMIN_HOME_IP ADMIN_HOME_IPV6 | ignoreip = 127.0.0.1/8 ::1/128 PUBLIC_IP PUBLIC_IPV6 ADMIN_HOME_IP ADMIN_HOME_IPV6 | ||||||
| bantime = 15m | bantime = 15m | ||||||
| findtime = 120m | findtime = 120m | ||||||
| maxretry = 4 | maxretry = 4 | ||||||
|  | |||||||
| @ -374,14 +374,21 @@ systemctl restart systemd-resolved | |||||||
| rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore | rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore | ||||||
| rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config | rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config | ||||||
| 
 | 
 | ||||||
|  | # Take into account ipv6 might not be used | ||||||
|  | if [ ! -z "$PUBLIC_IPV6" ]; then | ||||||
|  |     PUBLIC_IPV6_FB="${PUBLIC_IPV6}/64" | ||||||
|  | else | ||||||
|  |     PUBLIC_IPV6_FB="" | ||||||
|  | fi | ||||||
|  | 
 | ||||||
| if [ ! -z "$ADMIN_HOME_IPV6" ]; then | if [ ! -z "$ADMIN_HOME_IPV6" ]; then | ||||||
|     ADMIN_HOME_IPV6_FB="${ADMIN_HOME_IPV6}/64" |     ADMIN_HOME_IPV6_FB="${ADMIN_HOME_IPV6}/64" | ||||||
| else | else | ||||||
| 	ADMIN_HOME_IPV6_FB="" |     ADMIN_HOME_IPV6_FB="" | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| cat conf/fail2ban/jails.conf \ | cat conf/fail2ban/jails.conf \ | ||||||
| 	| sed "s/PUBLIC_IPV6/$PUBLIC_IPV6/g" \ | 	| sed "s/PUBLIC_IPV6/$PUBLIC_IPV6_FB/g" \ | ||||||
| 	| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | 	| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | ||||||
| 	| sed "s/ADMIN_HOME_IPV6/$ADMIN_HOME_IPV6_FB/g" \ | 	| sed "s/ADMIN_HOME_IPV6/$ADMIN_HOME_IPV6_FB/g" \ | ||||||
| 	| sed "s/ADMIN_HOME_IP/$ADMIN_HOME_IP/g" \ | 	| sed "s/ADMIN_HOME_IP/$ADMIN_HOME_IP/g" \ | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user