1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-22 02:17:26 +00:00

fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl (fixes #1453, merges #1454)

* fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl

* specified custom datepattern for miab-owncloud.conf
This commit is contained in:
jvolkenant 2019-01-18 06:36:43 -08:00 committed by Joshua Tauberer
parent c7659d9053
commit c60e3dc842
4 changed files with 11 additions and 5 deletions

View File

@ -1,6 +1,13 @@
CHANGELOG CHANGELOG
========= =========
In Development
--------------
System:
* Missing brute force login attack prevention (fail2ban) filters which stopped working on Ubuntu 18.04 were added back.
v0.40 (January 12, 2019) v0.40 (January 12, 2019)
------------------------ ------------------------

View File

@ -3,5 +3,6 @@
before = common.conf before = common.conf
[Definition] [Definition]
datepattern = %%Y-%%m-%%d %%H:%%M:%%S
failregex=Login failed: .*Remote IP: '<HOST>[\)'] failregex=Login failed: .*Remote IP: '<HOST>[\)']
ignoreregex = ignoreregex =

View File

@ -69,13 +69,10 @@ action = iptables-allports[name=recidive]
# So the notification is ommited. This will prevent message appearing in the mail.log that mail # So the notification is ommited. This will prevent message appearing in the mail.log that mail
# can't be delivered to fail2ban@$HOSTNAME. # can't be delivered to fail2ban@$HOSTNAME.
[sasl] [postfix-sasl]
enabled = true enabled = true
[ssh] [sshd]
enabled = true enabled = true
maxretry = 7 maxretry = 7
bantime = 3600 bantime = 3600
[ssh-ddos]
enabled = true

View File

@ -339,6 +339,7 @@ systemctl restart systemd-resolved
# Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc. # Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc.
rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore
rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config
cat conf/fail2ban/jails.conf \ cat conf/fail2ban/jails.conf \
| sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | sed "s/PUBLIC_IP/$PUBLIC_IP/g" \
| sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \ | sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \