# import CN-functions
. /usr/share/carnet-tools/functions.sh
-CONF=/etc/fail2ban/jail.conf
+CONF="/etc/fail2ban/jail.conf"
if [ -e "$CONF" ]; then
- # enable ssh and pam-generic services
- perl -ne 'if (/\[(ssh|pam-generic)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+ # enable ssh, pam-generic, sasl, proftpd and vsftpd service
+ echo "CN: Enabling SSH, PAM-generic, SASL, ProFTPD, vsftpd and Dovecot support..."
+ perl -ne 'if (/^\[(ssh|pam-generic|sasl|proftpd|vsftpd|dovecot)\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
cp_mv "$CONF.$$" "$CONF"
rm -f "$CONF.$$"
NETADDR="$RET"
IGNOREIP=$(grep '^ignoreip' "$CONF")
if ! echo "$IGNOREIP" | grep -q "$NETADDR"; then
+ echo "CN: Enabling local IP ranges exclusion..."
cp_check_and_sed '^ignoreip' \
"s;^\(ignoreip.*\)$;\1 $NETADDR;g" "$CONF" || true
fi