external
/
mailinabox
mirror of https://github.com/mail-in-a-box/mailinabox.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add the ip of the user performing the install to the ignore ip list of fail2ban

This commit is contained in:
Michael Kroes 2016-03-28 15:28:23 +02:00
parent df92a10eba
commit 8a06d0aa8b
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
conf/fail2ban/jail.local
View File

@ -4,7 +4,7 @@
# Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks
# ping services over the public interface so we should whitelist that address of # ping services over the public interface so we should whitelist that address of
# ours too. The string is substituted during installation. # ours too. The string is substituted during installation.
ignoreip = 127.0.0.1/8 PUBLIC_IP ignoreip = 127.0.0.1/8 PUBLIC_IP REMOTE_IP
# JAILS # JAILS

4
setup/system.sh
View File

@ -282,8 +282,12 @@ restart_service resolvconf
# ### Fail2Ban Service # ### Fail2Ban Service
# Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix and ssh # Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix and ssh
#
# We will whitelist our public IP and the IP of the user performing the install
IP_ADDRESS_OF_USER=$(pinky -w `logname` | tail -n+2 | tail -n1 | awk '{print $(NF)}')
cat conf/fail2ban/jail.local \ cat conf/fail2ban/jail.local \
| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | sed "s/PUBLIC_IP/$PUBLIC_IP/g" \
| sed "s/REMOTE_IP/$IP_ADDRESS_OF_USER/g" \
> /etc/fail2ban/jail.local > /etc/fail2ban/jail.local
cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf