Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to call a bash script in the mailing of Fail2Ban. The bash script calls a rest api to get the username of the blocked ip-address by fail2ban.
Code:
# Fail2Ban configuration file
#
# Author: *
#
#
[INCLUDES]
before = sendmail-common.conf
[Definition]
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the acceptance environment of <name> on server.\n
One or the following users could be the victim: \n
`/etc/fail2ban/restapi/getHttpSessions.sh | grep <ip>` \n | /usr/sbin/sendmail -f <sender> <dest>
[Init]
But however I got errors in the fail2ban log that no e-mail is sended
I got it working! Probably some issues with syntax, but the following code works:
Thanks guys!
Quote:
# Fail2Ban configuration file
#
# Author: Danny van den Berg
#
#
[INCLUDES]
before = sendmail-common.conf
[Definition]
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the production environment of <name> on server lrv154ec.\n
Blocked users = `/usr/bin/gethttpsessions | grep <ip> `\n\n" | /usr/sbin/sendmail -f <sender> <dest>
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
Rep:
Regarding Habitual's comment, just make as back-up of the new file in case fail2ban wipes it out on an upgrade. I know Debian checks for custom config files, but maybe not every distro does.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.