finalized jail.local

manifests/params.pp

@@ -105,6 +105,18 @@
 # @param  [string] fn_action_ ban only
 # @param  [string]  fn_action_mw ban & send an e-mail with whois report to the
 #   destemail.
+# @param  [string] fn_action_mwl ban & send an e-mail with whois report and
+#   relevant log lines
+# @param [string] fn_action_xarf ban & send a xarf e-mail to abuse contact of
+#   IP address and include relevant log lines.
+# @param  [string]  fn_action_cf_mwl ban IP on CloudFlare & send an e-mail with
+#   whois report and relevant log lines.
+# @param  [string] fn_action_blocklist_de Report block via blocklist.de fail2ban
+#   reporting service API
+#  @param  [string] Report ban via badips.com, and use as blacklist
+# @param  [string]  fn_action_badips_report # Report ban via badips.com
+#   (uses action.d/badips.conf for reporting only).
+# @param  [string]  fn_default_action Choose default action.
 ###############################################################################
 class cd_fail2ban::params (
 
@@ -145,6 +157,13 @@ $fn_banaction           = 'iptables-multiport',
 $fn_banaction_allports      = 'iptables-allports',
 $fn_action_                 = '%(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]',
 $fn_action_mw               = '%(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois[name=%(__name__)s,  sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]',
+$fn_action_mwl              = '%(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]',
+$fn_action_xarf             = '%(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath=%(logpath)s, port="%(port)s"]',
+$fn_action_cf_mwl           = 'cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"] %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]',
+$fn_action_blocklist_de     = 'blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"]',
+$fn_action_badips           = 'badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"]',
+$fn_action_badips_report    = 'badips[category="%(__name__)s", agent="%(fail2ban_agent)s"]',
+$fn_default_action          = 'action_',
 
 ) {
 

templates/jail_local.erb

@@ -31,50 +31,15 @@ fail2ban_agent      = <%= @fn_fail2ban_agent %>
 banaction             = <%= @fn_banaction %>
 banaction_allports    = <%= @fn_banaction_allports %>
 
+# available actions
 action_               = <%= @fn_action_ %>
 action_mw             = <%= @fn_action_mw %>
+action_mwl            = <%= @fn_action_mwl %>
+action_xarf           = <%= @fn_action_xarf %>
+action_cf_mwl         = <%= @fn_action_cf_mwl %>
+action_blocklist_de   = <%= @fn_action_blocklist_de %>
+action_badips         = <%= @fn_action_badips %>
+action_badips_report  = <%= @fn_action_badips_report %>
 
-# ban & send an e-mail with whois report and relevant log lines
+# Default action
-# to the destemail.
+action                = %(<%= @fn_default_action %>)s
-action_mwl = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
-             %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
-
-# See the IMPORTANT note in action.d/xarf-login-attack for when to use this action
-#
-# ban & send a xarf e-mail to abuse contact of IP address and include relevant log lines
-# to the destemail.
-action_xarf = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
-             xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath=%(logpath)s, port="%(port)s"]
-
-# ban IP on CloudFlare & send an e-mail with whois report and relevant log lines
-# to the destemail.
-action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"]
-                %(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
-
-# Report block via blocklist.de fail2ban reporting service API
-#
-# See the IMPORTANT note in action.d/blocklist_de.conf for when to
-# use this action. Create a file jail.d/blocklist_de.local containing
-# [Init]
-# blocklist_de_apikey = {api key from registration]
-#
-action_blocklist_de  = blocklist_de[email="%(sender)s", service=%(filter)s, apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"]
-
-# Report ban via badips.com, and use as blacklist
-#
-# See BadIPsAction docstring in config/action.d/badips.py for
-# documentation for this action.
-#
-# NOTE: This action relies on banaction being present on start and therefore
-# should be last action defined for a jail.
-#
-action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"]
-#
-# Report ban via badips.com (uses action.d/badips.conf for reporting only)
-#
-action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"]
-
-# Choose default action.  To change, just override value of 'action' with the
-# interpolation to the chosen action shortcut (e.g.  action_mw, action_mwl, etc) in jail.local
-# globally (section [DEFAULT]) or per specific section
-action = %(action_)s