From 39711cf6c2ec5a3b4480dcb4800cc3802bda5bf2 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Fri, 20 Mar 2026 19:16:32 +0100 Subject: feat: first fully successful run e2e on straper --- .../action.d/sendmail-geoip-lines.conf | 59 ++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf (limited to 'straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf') diff --git a/straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf b/straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf new file mode 100644 index 0000000..b36e49a --- /dev/null +++ b/straper/db/public/fail2ban/etc-fail2ban/action.d/sendmail-geoip-lines.conf @@ -0,0 +1,59 @@ +# Fail2Ban configuration file +# +# Author: Viktor Szépe +# +# + +[INCLUDES] + +before = sendmail-common.conf + helpers-common.conf + +[Definition] + +# bypass ban/unban for restored tickets +norestored = 1 + +# Option: actionban +# Notes.: Command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# You need to install geoiplookup and the GeoLite or GeoIP databases. +# (geoip-bin and geoip-database in Debian) +# The host command comes from bind9-host package. +# Tags: See jail.conf(5) man page +# Values: CMD +# +actionban = ( printf %%b "Subject: [Fail2Ban] : banned from + Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"` + From: <> + To: \n + Hi,\n + The IP has just been banned by Fail2Ban after + attempts against .\n\n + Here is more information about :\n + http://bgp.he.net/ip/ + http://www.projecthoneypot.org/ip_ + http://whois.domaintools.com/\n\n + Country:`geoiplookup -f /usr/share/GeoIP/GeoIP.dat "" | cut -d':' -f2-` + AS:`geoiplookup -f /usr/share/GeoIP/GeoIPASNum.dat "" | cut -d':' -f2-` + hostname: \n\n + Lines containing failures of (max )\n"; + %(_grep_logs)s; + printf %%b "\n + Regards,\n + Fail2Ban" ) | + +[Init] + +# Default name of the chain +# +name = default + +# Path to the log files which contain relevant lines for the abuser IP +# +logpath = /dev/null + +# Number of log lines to include in the email +# +#grepmax = 1000 +#grepopts = -m -- cgit v1.3