confdroid/confdroid_fail2ban
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' of gitlab.puppetsoft.com:12ww1160/cd_fail2ban into HEAD

Browse Source
This commit is contained in:
Jenkins Server
2017-08-06 17:07:02 +02:00
parent 7e856636a1 cfb33c15b8
commit 48e97cf10c
14 changed files with 1183 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
CHANGELOG.md
View File

@@ -8,9 +8,69 @@ Changelog of Git Changelog.
<h2> No issue </h2>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/dc918f331ab225f">dc918f331ab225f</a> Arne Teuke <i>2017-08-03 11:01:32</i>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/cb4b482e20b2be5">cb4b482e20b2be5</a> Arne Teuke <i>2017-08-03 14:56:00</i>
<p>
<h3>initial commit</h3>
<h3>fixed controls for main conf/local files</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/6f0942201f20c66">6f0942201f20c66</a> Jenkins Server <i>2017-08-03 14:55:39</i>
<p>
<h3>recommit for updates in build 9</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/8c3df7530a1ab21">8c3df7530a1ab21</a> Arne Teuke <i>2017-08-03 14:51:29</i>
<p>
<h3>added controls for main conf/local files</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/21086d1f714fd6a">21086d1f714fd6a</a> Jenkins Server <i>2017-08-03 14:51:10</i>
<p>
<h3>recommit for updates in build 8</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/202c50762d6411e">202c50762d6411e</a> Arne Teuke <i>2017-08-03 14:29:17</i>
<p>
<h3>added controls for main conf/local files</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/a22f3fb29e72361">a22f3fb29e72361</a> Jenkins Server <i>2017-08-03 14:28:57</i>
<p>
<h3>recommit for updates in build 7</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/3fdfda26d55dc96">3fdfda26d55dc96</a> Jenkins Server <i>2017-08-03 13:10:45</i>
<p>
<h3>recommit for updates in build 6</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/fdf29a4e38ba36a">fdf29a4e38ba36a</a> Arne Teuke <i>2017-08-03 13:09:41</i>
<p>
<h3>added directory control</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/3c581b56cc82cb9">3c581b56cc82cb9</a> Arne Teuke <i>2017-08-03 13:01:25</i>
<p>
<h3>added directory control</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/ab94577ae7093a2">ab94577ae7093a2</a> Jenkins Server <i>2017-08-03 13:01:03</i>
<p>
<h3>recommit for updates in build 4</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/82035d505ca0352">82035d505ca0352</a> Arne Teuke <i>2017-08-03 12:13:00</i>
<p>
<h3>added service control</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/423db4a35427180">423db4a35427180</a> Jenkins Server <i>2017-08-03 12:12:32</i>
<p>
<h3>recommit for updates in build 3</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/059e16bca627858">059e16bca627858</a> Arne Teuke <i>2017-08-03 12:07:42</i>
<p>
<h3>added service control</h3>
</p>

36
REPOSTRUCTURE.md
View File

@@ -1,4 +1,27 @@
.
|-- doc
| |-- css
| | |-- common.css
| | |-- full_list.css
| | `-- style.css
| |-- js
| | |-- app.js
| | |-- full_list.js
| | `-- jquery.js
| |-- puppet_classes
| | |-- cd_fail2ban_3A_3Amain_3A_3Aconfig.html
| | |-- cd_fail2ban_3A_3Amain_3A_3Adirs.html
| | |-- cd_fail2ban_3A_3Amain_3A_3Afiles.html
| | |-- cd_fail2ban_3A_3Amain_3A_3Ainstall.html
| | |-- cd_fail2ban_3A_3Amain_3A_3Aservice.html
| | |-- cd_fail2ban_3A_3Aparams.html
| | `-- cd_fail2ban.html
| |-- file.README.html
| |-- frames.html
| |-- _index.html
| |-- index.html
| |-- puppet_class_list.html
| `-- top-level-namespace.html
|-- manifests
| |-- main
| | |-- config.pp
@@ -8,10 +31,19 @@
| | `-- service.pp
| |-- init.pp
| `-- params.pp
|-- templates
| |-- fail2ban_conf.erb
| |-- fail2ban_local.erb
| |-- jail_conf.erb
| `-- jail_local.erb
|-- tests
| `-- UTF_Files
|-- CHANGELOG.md
|-- Gemfile
|-- Gemfile.lock
|-- Jenkinsfile
|-- LICENSE
`-- README.md
|-- README.md
`-- REPOSTRUCTURE.md
2 directories, 12 files
8 directories, 38 files

2
doc/_index.html
View File

@@ -132,7 +132,7 @@
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:29 2017 by
Generated on Thu Aug 3 18:32:54 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

17
doc/file.README.html
View File

@@ -61,7 +61,7 @@
<p>|Repo Name| version | Build
Status|
|---|---|---|---|
|<code>cd_fail2ban</code>| 0.0.0.2 | <a
|<code>cd_fail2ban</code>| 0.0.0.5 | <a
href="https://jenkins.confdroid.com/buildStatus/icon?job=cd_fail2ban">{Build
Status</a>/]|</p>
@@ -128,6 +128,15 @@ href="https://gitlab.puppetsoft.com/12WW1160/cd_fail2ban/blob/master/CHANGELOG.m
<p>Installation
* install required binaries</p>
<p>Configuration
* manage directory structure (file system permissions,
selinux context)
* manage configration files (file system permissions,
selinux context, content based on parameters)</p>
<p>Service
* manage service status (running or stopped)</p>
<h3 id="label-Repo+Structure">Repo Structure</h3>
<p>Repostructure has moved to REPOSTRUCTURE.md in repo.</p>
@@ -184,6 +193,10 @@ right out of box as is.</p>
selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>firewalld: firewalld is auto-installed on CentOS7 as dependency of fail2ban
by yum.</p>
</li></ul>
<h3 id="label-Support">Support</h3>
<ul><li>
@@ -238,7 +251,7 @@ environments.</p>
</div></div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

17
doc/index.html
View File

@@ -61,7 +61,7 @@
<p>|Repo Name| version | Build
Status|
|---|---|---|---|
|<code>cd_fail2ban</code>| 0.0.0.2 | <a
|<code>cd_fail2ban</code>| 0.0.0.5 | <a
href="https://jenkins.confdroid.com/buildStatus/icon?job=cd_fail2ban">{Build
Status</a>/]|</p>
@@ -128,6 +128,15 @@ href="https://gitlab.puppetsoft.com/12WW1160/cd_fail2ban/blob/master/CHANGELOG.m
<p>Installation
* install required binaries</p>
<p>Configuration
* manage directory structure (file system permissions,
selinux context)
* manage configration files (file system permissions,
selinux context, content based on parameters)</p>
<p>Service
* manage service status (running or stopped)</p>
<h3 id="label-Repo+Structure">Repo Structure</h3>
<p>Repostructure has moved to REPOSTRUCTURE.md in repo.</p>
@@ -184,6 +193,10 @@ right out of box as is.</p>
selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>firewalld: firewalld is auto-installed on CentOS7 as dependency of fail2ban
by yum.</p>
</li></ul>
<h3 id="label-Support">Support</h3>
<ul><li>
@@ -238,7 +251,7 @@ environments.</p>
</div></div>
<div id="footer">
Generated on Thu Aug 3 14:12:29 2017 by
Generated on Thu Aug 3 18:32:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_fail2ban.html
View File

@@ -139,7 +139,7 @@ class cd_fail2ban {
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

8
doc/puppet_classes/cd_fail2ban_3A_3Amain_3A_3Aconfig.html
View File

@@ -134,8 +134,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
27
28
29
30
31</pre>
30</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/config.pp', line 24</span>
@@ -144,9 +143,8 @@ class cd_fail2ban::main::config (
) inherits cd_fail2ban::params {
if $fn_enable_fail2ban == true {
include cd_fail2ban::main::service
}
}</pre>
</td>
</tr>
@@ -155,7 +153,7 @@ class cd_fail2ban::main::config (
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

229
doc/puppet_classes/cd_fail2ban_3A_3Amain_3A_3Adirs.html
View File

@@ -86,24 +86,21 @@
<p>cd_fail2ban::main::dirs.pp
Module name: cd_fail2ban
Author: Arne Teuke
(arne_teuke@ConfDroid.com)</p>
(arne_teuke@confdroid.com)
License:
This file is part of cd_fail2ban.</p>
<h1 id="label-License%3A">License:</h1>
<p>cd_fail2ban is used for providing automatic configuration of Fail2Ban
<p>This file is part of cd_fail2ban.</p>
<p>cd_fail2ban is used for providing automatic configuration of
&lt;service /
purpose&gt;
Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
This
program is free software: you can redistribute it and/or modify
it under
the terms of the GNU General Public License as published by
the Free
Software Foundation, either version 3 of the License, or
(at your option)
any later version.</p>
Copyright (C) 2017 confdroid (copyright@confdroid.com)
This program is
free software: you can redistribute it and/or modify
it under the terms of
the GNU General Public License as published by
the Free Software
Foundation, either version 3 of the License, or
(at your option) any later
version.</p>
<p>This program is distributed in the hope that it will be useful,
but
@@ -130,6 +127,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
<pre class="lines">
23
24
25
26
@@ -138,10 +136,106 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
29
30
31
32</pre>
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/dirs.pp', line 24</span>
<pre class="code"><span class="info file"># File 'manifests/main/dirs.pp', line 23</span>
class cd_fail2ban::main::dirs (
@@ -149,6 +243,103 @@ class cd_fail2ban::main::dirs (
require cd_fail2ban::main::install
# manage main dir
file { $fn_main_dir:
ensure =&gt; directory,
path =&gt; $fn_main_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
}
# manage action.d dir
file { $fn_action_d_dir:
ensure =&gt; directory,
path =&gt; $fn_action_d_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
}
# manage fail2ban.d dir
file { $fn_fail2ban_d_dir:
ensure =&gt; directory,
path =&gt; $fn_fail2ban_d_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
}
# manage filter.d dir
file { $fn_filter_d_dir:
ensure =&gt; directory,
path =&gt; $fn_filter_d_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
}
# manage jail.d dir
file { $fn_jail_d_dir:
ensure =&gt; directory,
path =&gt; $fn_jail_d_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
}
# manage /var/lib/fail2ban
file { $fn_var_lib_dir:
ensure =&gt; directory,
path =&gt; $fn_var_lib_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; fail2ban_var_lib_t,
seluser =&gt; system_u,
}
# manage /var/run/fail2bam
file { $fn_var_run_dir:
ensure =&gt; directory,
path =&gt; $fn_var_run_dir,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0755&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; fail2ban_var_run_t,
seluser =&gt; system_u,
}
}</pre>
@@ -159,7 +350,7 @@ class cd_fail2ban::main::dirs (
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

138
doc/puppet_classes/cd_fail2ban_3A_3Amain_3A_3Afiles.html
View File

@@ -133,7 +133,74 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
26
27
28
29</pre>
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 23</span>
@@ -144,6 +211,73 @@ class cd_fail2ban::main::files (
require cd_fail2ban::main::dirs
if $fn_manage_config == true {
# manage fail2ban.conf
file { $fn_fail2ban_conf_file:
ensure =&gt; present,
path =&gt; $fn_fail2ban_conf_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0640&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($fn_fail2ban_conf_erb),
notify =&gt; Service[$fn_service],
}
# manage fail2ban.local
file { $fn_fail2ban_local_file:
ensure =&gt; present,
path =&gt; $fn_fail2ban_local_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0640&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($fn_fail2ban_local_erb),
notify =&gt; Service[$fn_service],
}
# manage jail.conf
file { $fn_jail_conf_file:
ensure =&gt; present,
path =&gt; $fn_jail_conf_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0640&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($fn_jail_conf_erb),
notify =&gt; Service[$fn_service],
}
# manage jail.local
file { $fn_jail_local_file:
ensure =&gt; present,
path =&gt; $fn_jail_local_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0640&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($fn_jail_local_erb),
notify =&gt; Service[$fn_service],
}
}
}</pre>
</td>
</tr>
@@ -152,7 +286,7 @@ class cd_fail2ban::main::files (
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_fail2ban_3A_3Amain_3A_3Ainstall.html
View File

@@ -159,7 +159,7 @@ class cd_fail2ban::main::install (
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

8
doc/puppet_classes/cd_fail2ban_3A_3Amain_3A_3Aservice.html
View File

@@ -139,7 +139,8 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
32
33
34
35</pre>
35
36</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/service.pp', line 23</span>
@@ -151,11 +152,12 @@ class cd_fail2ban::main::service (
require cd_fail2ban::main::files
service { $fn_service:
ensure =&gt; running,
ensure =&gt; $fn_enable_service,
hasstatus =&gt; true,
hasrestart =&gt; true,
enable =&gt; true,
}
}</pre>
</td>
</tr>
@@ -164,7 +166,7 @@ class cd_fail2ban::main::service (
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

729
doc/puppet_classes/cd_fail2ban_3A_3Aparams.html
View File

@@ -126,7 +126,9 @@ for more details.</p>
<p>You should have received a copy of the GNU General Public License
along
with this program. If not, see <a
href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.
<code>CRITICAL</code>,<code>ERROR</code>,<code>WARNING</code>,<code>NOTICE</code>,<code>INFO</code>
and <code>DEBUG</code>.</p>
</div>
</div>
@@ -156,15 +158,560 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
<li>
<span class='name'>fn_enable_fail2ban</span>
<span class='name'>fn_manage_config</span>
<span class='type'>(<tt>Any</tt>)</span>
<span class='type'>(<tt>boolean</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to manage the fail2ban
configuration files. If set to false,
fail2ban will be installed, but the
configuration will not be managed.</p>
</div>
</li>
<li>
<span class='name'>fn_enable_service</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;running&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to enable/start or disable/stop
the fail2ban service. Valid options
are <code>running</code> or <code>stopped</code>.</p>
</div>
</li>
<li>
<span class='name'>fn_loglevel</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;INFO&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Set the log level output. Valid options are</p>
</div>
</li>
<li>
<span class='name'>fn_logtarget</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;SYSLOG&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Set the log target. This could be a file,
SYSLOG, STDERR or STDOUT. Only
one log target can be specified.</p>
</div>
</li>
<li>
<span class='name'>fn_syslogsocket</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;auto&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Set the syslog socket file. Only used when
logtarget is SYSLOG. auto uses
platform.system() to determine predefined
paths Valid options: [ auto |
FILE ].</p>
</div>
</li>
<li>
<span class='name'>fn_socket</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/var/run/fail2ban/fail2ban.sock&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Set the socket file to communicate with the daemon.</p>
</div>
</li>
<li>
<span class='name'>fn_pidfile</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/var/run/fail2ban/fail2ban.pid&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Set the PID file to store the process ID of the
fail2ban server.</p>
</div>
</li>
<li>
<span class='name'>fn_dbfile</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/var/lib/fail2ban/fail2ban.sqlite3&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>file for the fail2ban persistent data to be stored.
A value of
&quot;:memory:&quot; means database is only stored in memory
and data is
lost when fail2ban is stopped.
A value of &quot;None&quot; disables the
database.</p>
</div>
</li>
<li>
<span class='name'>fn_dbpurgeage</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;86400&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>age in seconds at which bans should be purged
from the database.</p>
</div>
</li>
<li>
<span class='name'>fn_ignoreip</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;127.0.0.1/8&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>can be an IP address, a CIDR mask or a DNS host.
Fail2ban will not ban a
host which matches an address in this list. Several
addresses can be
defined using space (and/or comma) separator.</p>
</div>
</li>
<li>
<span class='name'>fn_ignorecommand</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>External command that will take an
tagged arguments to ignore, e.g.
&lt;ip&gt;,and return true if the IP is to be
ignored. False otherwise.</p>
</div>
</li>
<li>
<span class='name'>fn_bantime</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;600&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>number of seconds that a host is banned.</p>
</div>
</li>
<li>
<span class='name'>fn_findtime</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;600&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>A host is banned if it has generated “maxretry”
during the last
&quot;findtime&quot; seconds.</p>
</div>
</li>
<li>
<span class='name'>fn_maxretry</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;5&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>number of failures before a host get banned.</p>
</div>
</li>
<li>
<span class='name'>fn_backend</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;auto&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>specifies the backend used to get files
modification. options are
&quot;pyinotify&quot;, &quot;gamin&quot;, &quot;polling&quot;,
&quot;systemd&quot; and
&quot;auto&quot;.
pyinotify: requires pyinotify (a
file alteration monitor) to be installed.
If pyinotify is not installed,
Fail2ban will use auto.
gamin: requires Gamin (a file alteration monitor)
to be installed.
If Gamin is not installed, Fail2ban will use
auto.
polling: uses a polling algorithm which does not require external
libraries.
systemd: uses systemd python library to access the systemd
journal.
Specifying &quot;logpath&quot; is not valid for this backend.
See &quot;journalmatch&quot; in the jails associated filter config
auto:
will try to use the following backends, in order:
pyinotify, gamin,
polling.</p>
</div>
</li>
<li>
<span class='name'>fn_usedns</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;warn&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>specifies if jails should trust hostnames in logs,
warn when DNS lookups
are performed, or ignore all hostnames in logs
yes: if a hostname is
encountered, a DNS lookup will be performed.
warn: if a hostname is
encountered, a DNS lookup will be performed,
but it will be logged as a
warning.
no: if a hostname is encountered, will not be used for banning,
but it will be logged as info.
raw: use raw value (no hostname), allow use
it for no-host filters/actions
(example user)</p>
</div>
</li>
<li>
<span class='name'>fn_logencoding</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;auto&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>specifies the encoding of the log files
handled by the jail This is used to
decode the lines from the log file.
Typical examples: &quot;ascii&quot;,
&quot;utf-8&quot;
auto: will use the system locale setting</p>
</div>
</li>
<li>
<span class='name'>fn_enabled</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;false&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>enables the jails.
By default all jails are disabled, and it should stay
this way.
Enable only relevant to your setup jails in your .local or
jail.d/*.conf
true: jail will be enabled and log files will get monitored
for changes
false: jail is not enabled</p>
</div>
</li>
<li>
<span class='name'>fn_filter</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;%(__name__)s&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>defines the filter to use by the jail.
By default jails have names matching
their filter name</p>
</div>
</li>
<li>
<span class='name'>fn_destemail</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;root@localhost&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Destination email address used solely for the
interpolations in
jail.conf,local,d/* configuration files.</p>
</div>
</li>
<li>
<span class='name'>fn_sender</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;root@localhost&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Sender email address used solely for some actions</p>
</div>
</li>
<li>
<span class='name'>fn_mta</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;sendmail&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>E-mail action. Since 0.8.1 Fail2Ban uses sendmail MTA
for the mailing.
Change mta configuration parameter to mail if you want to
revert to
conventional &#39;mail&#39;.</p>
</div>
</li>
<li>
<span class='name'>fn_protocol</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;tcp&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Default protocol.</p>
</div>
</li>
<li>
<span class='name'>fn_chain</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;INPUT&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Specify chain where jumps would need to be added in
iptables-* actions.</p>
</div>
</li>
<li>
<span class='name'>fn_port</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0:65535&#39;</tt>)</em>
&mdash;
<div class='inline'>
<h1 id="label-Ports+to+be+banned+Usually+should+be+overridden">Ports to be banned Usually should be overridden</h1>
<p>in a particular jail</p>
</div>
</li>
<li>
<span class='name'>fn_fail2ban_agent</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;Fail2Ban/%(fail2ban_version)s&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Format of user-agent
<a
href="https://tools.ietf.org/html/rfc7231#section-5.5.3">tools.ietf.org/html/rfc7231#section-5.5.3</a></p>
</div>
</li>
</ul>
@@ -177,46 +724,166 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
<pre class="lines">
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47</pre>
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 27</span>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 104</span>
class cd_fail2ban::params (
$pkg_ensure = &#39;latest&#39;,
$pkg_ensure = &#39;latest&#39;,
$fn_manage_config = true,
$fn_enable_service = &#39;running&#39;,
# fail2ban.conf/local
$fn_loglevel = &#39;INFO&#39;,
$fn_logtarget = &#39;SYSLOG&#39;,
$fn_syslogsocket = &#39;auto&#39;,
$fn_socket = &#39;/var/run/fail2ban/fail2ban.sock&#39;,
$fn_pidfile = &#39;/var/run/fail2ban/fail2ban.pid&#39;,
$fn_dbfile = &#39;/var/lib/fail2ban/fail2ban.sqlite3&#39;,
$fn_dbpurgeage = &#39;86400&#39;,
# jail.conf/local
$fn_ignoreip = &#39;127.0.0.1/8&#39;,
$fn_ignorecommand = &#39;&#39;,
$fn_bantime = &#39;600&#39;,
$fn_findtime = &#39;600&#39;,
$fn_maxretry = &#39;5&#39;,
$fn_backend = &#39;auto&#39;,
$fn_usedns = &#39;warn&#39;,
$fn_logencoding = &#39;auto&#39;,
$fn_enabled = &#39;false&#39;,
$fn_filter = &#39;%(__name__)s&#39;,
$fn_destemail = &#39;root@localhost&#39;,
$fn_sender = &#39;root@localhost&#39;,
$fn_mta = &#39;sendmail&#39;,
$fn_protocol = &#39;tcp&#39;,
$fn_chain = &#39;INPUT&#39;,
$fn_port = &#39;0:65535&#39;,
$fn_fail2ban_agent = &#39;Fail2Ban/%(fail2ban_version)s&#39;,
$fn_enable_fail2ban = true,
) {
# installation section
$reqpackages = $::operatingsystem ? {
/(?i-mx:centos|fedora|redhat)/ =&gt; [&#39;fail2ban&#39;],
$reqpackages = $::operatingsystem ? {
/(?i-mx:centos|fedora|redhat)/ =&gt; [&#39;fail2ban&#39;,&#39;fail2ban-firewalld&#39;,
&#39;fail2ban-sendmail&#39;,
&#39;fail2ban-server.noarch&#39;,&#39;jwhois&#39;],
}
$fn_jail_paths = $::operatingsystem ? {
/(?i-mx:centos|fedora|redhat)/ =&gt; &#39;fedora&#39;,
}
# shortcuts
$fn_os = $::operatingsystem
# service
$fn_service = &#39;fail2ban&#39;
$fn_service = &#39;fail2ban&#39;
# directories
$fn_main_dir = &#39;/etc/fail2ban&#39;
$fn_action_d_dir = &quot;${fn_main_dir}/action.d&quot;
$fn_fail2ban_d_dir = &quot;${fn_main_dir}/fail2ban.d&quot;
$fn_filter_d_dir = &quot;${fn_main_dir}/filter.d&quot;
$fn_jail_d_dir = &quot;${fn_main_dir}/jail.d&quot;
$fn_var_lib_dir = &#39;/var/lib/fail2ban&#39;
$fn_var_run_dir = &#39;/var/run/fail2ban&#39;
# files
$fn_fail2ban_conf_file = &quot;${fn_main_dir}/fail2ban.conf&quot;
$fn_fail2ban_conf_erb = &#39;cd_fail2ban/fail2ban_conf.erb&#39;
$fn_fail2ban_local_file = &quot;${fn_main_dir}/fail2ban.local&quot;
$fn_fail2ban_local_erb = &#39;cd_fail2ban/fail2ban_local.erb&#39;
$fn_jail_conf_file = &quot;${fn_main_dir}/jail.conf&quot;
$fn_jail_conf_erb = &#39;cd_fail2ban/jail_conf.erb&#39;
$fn_jail_local_file = &quot;${fn_main_dir}/jail.local&quot;
$fn_jail_local_erb = &#39;cd_fail2ban/jail_local.erb&#39;
# includes must be last
@@ -230,7 +897,7 @@ $fn_service = &#39;fail2ban&#39;
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/top-level-namespace.html
View File

@@ -90,7 +90,7 @@
</div>
<div id="footer">
Generated on Thu Aug 3 14:12:30 2017 by
Generated on Thu Aug 3 18:32:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

1
tests/UTF_Files
View File

@@ -4,3 +4,4 @@
./.yardoc/objects/root.dat: data
./doc/css/style.css: HTML document, UTF-8 Unicode text, with very long lines
./doc/js/jquery.js: HTML document, UTF-8 Unicode text, with very long lines
./doc/puppet_classes/cd_fail2ban_3A_3Aparams.html: HTML document, UTF-8 Unicode text