OP#490 add jail
This commit is contained in:
@@ -427,6 +427,20 @@
|
||||
# Default is 'linux-services'.
|
||||
# @param [String] ng_servicegroup_alias The alias of the default service group.
|
||||
# Default is 'Linux Services'.
|
||||
# @param [Boolean] ng_enable_fail2ban Whether to enable fail2ban monitoring in
|
||||
# Nagios. Default is false.
|
||||
# @param [String] ng_jail_order The order number of jails in the jail.d directory.
|
||||
# Default is '10'.
|
||||
# @param [String] ng_jail_enable Whether to enable the monitoring of a specific
|
||||
# jail in Nagios. Default is 'true'.
|
||||
# @param [String] ng_fail2ban_logpath The path to the nagios access log to
|
||||
# monitor. Default is '/var/log/httpd/access.log'.
|
||||
# @param [String] ng_fail2ban_maxretry The maximum number of retries before a
|
||||
# host is considered banned in fail2ban. Default is '5'.
|
||||
# @param [String] ng_fail2ban_bantime The time in seconds that a host is banned
|
||||
# in fail2ban. Default is '3600'.
|
||||
# @param [String] ng_fail2ban_ignoreip A comma-separated list of IP addresses
|
||||
# to ignore in fail2ban. Default is '127.0.0.1/8 ::1 192.168.1.0/24'.
|
||||
################################################################################
|
||||
class confdroid_nagios::params (
|
||||
|
||||
@@ -671,13 +685,16 @@ class confdroid_nagios::params (
|
||||
Boolean $ng_enable_swap_check = true,
|
||||
|
||||
# fail2ban
|
||||
Boolean $ng_enable_fail2ban = false,
|
||||
Boolean $ng_enable_fail2ban = false,
|
||||
String $ng_jail_order = '10',
|
||||
Boolean $ng_jail_enable = true,
|
||||
#String $ng_fail2ban_jail = 'httpd',
|
||||
#String $ng_fail2ban_log = '/var/log/secure',
|
||||
String $ng_fail2ban_logpath = '/var/log/httpd/access.log',
|
||||
#String $ng_fail2ban_regex = 'sshd.*Failed password for',
|
||||
#String $ng_fail2ban_maxretry = '5',
|
||||
String $ng_fail2ban_maxretry = '5',
|
||||
#String $ng_fail2ban_findtime = '600',
|
||||
#String $ng_fail2ban_bantime = '3600',
|
||||
String $ng_fail2ban_bantime = '3600',
|
||||
String $ng_fail2ban_ignoreip = '127.0.0.1/8 ::1 192.168.1.0/24'
|
||||
|
||||
) {
|
||||
# Default facts
|
||||
@@ -761,6 +778,12 @@ class confdroid_nagios::params (
|
||||
$ng_svc_perfdata_file = "${ng_log_dir}/service-perfdata"
|
||||
$ng_debug_file = "${ng_log_dir}/nagios.debug"
|
||||
|
||||
# fail2ban
|
||||
$fn_jail_path = '/etc/fail2ban/jail.d'
|
||||
$fn_jail_file = "${fn_jail_path}/${ng_jail_order}-nagios.conf"
|
||||
$fn_filter_path = '/etc/fail2ban/filter.d'
|
||||
$fn_filter_file = "${fn_filter_path}/${ng_jail_order}-nagios.conf"
|
||||
|
||||
# includes must be last
|
||||
include confdroid_nagios::main::config
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user