From 0759d24230f3b80e606ff4cbbf08cd425f5dfa3a Mon Sep 17 00:00:00 2001
From: Ivan Rako <irako@nekkar.carnet.hr>
Date: Fri, 28 Apr 2017 16:36:04 +0200
Subject: [PATCH] provjera da li postoje logovi za vsftpd i proftpd; promjena
 sasl filtera u postfix-sasl

---
 debian/changelog |    7 +++++++
 debian/postinst  |   34 ++++++++++++++++++++++++++++++++--
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index f7dfb20..b980e3b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+fail2ban-cn (0.8.13~cn1) stable; urgency=low
+
+  * Provjera da li postoje logovi za vsftpd i proftpd
+  * Promjena sasl filtera u postfix-sasl
+
+ -- Ivan Rako <Ivan.Rako@CARNet.hr>  Fri, 28 Apr 2017 16:35:42 +0200
+
 fail2ban-cn (0.8.13~cn0) stable; urgency=low
 
   * Prva verzija za jessie
diff --git a/debian/postinst b/debian/postinst
index cbd1e67..86ef053 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -4,6 +4,7 @@
 # see: dh_installdeb(1)
 
 set -e
+[ "$CARNET_SCRIPT_DEBUG" ] && set -vx
 
 # summary of how this script can be called:
 #        * <postinst> `configure' <most-recently-configured-version>
@@ -34,11 +35,40 @@ CONF="/etc/fail2ban/jail.conf"
 
 if [ -e "$CONF" ]; then
     # enable ssh, pam-generic, sasl, proftpd and vsftpd service
-    echo "CN: Enabling SSH, PAM-generic, SASL, ProFTPD, vsftpd and Dovecot support..."
-    perl -ne 'if (/^\[(ssh|pam-generic|sasl|proftpd|vsftpd|dovecot)\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled	= true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+    echo "CN: Enabling SSH, PAM-generic, SASL and Dovecot support..."
+    perl -ne 'if (/^\[(ssh|pam-generic|sasl|dovecot)\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled  = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
         cp_mv "$CONF.$$" "$CONF"
     rm -f "$CONF.$$"
 
+    if [ -f /var/log/vsftpd.log ]; then
+      echo "CN: Enabling vsftpd support..."
+      perl -ne 'if (/^\[vsftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled  = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+          cp_mv "$CONF.$$" "$CONF"
+      rm -f "$CONF.$$"
+    else
+      echo "CN: Disabling vsftpd support..."
+      perl -ne 'if (/^\[vsftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+true/enabled  = false/gi }; print $_' "$CONF" > "$CONF.$$" && \
+          cp_mv "$CONF.$$" "$CONF"
+      rm -f "$CONF.$$"
+    fi
+
+    if [ -f /var/log/proftpd/proftpd.log ]; then
+      echo "CN: Enabling ProFTPD support..."
+      perl -ne 'if (/^\[proftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled  = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+          cp_mv "$CONF.$$" "$CONF"
+      rm -f "$CONF.$$"
+   else
+      echo "CN: Disabling ProFTPD support..."
+      perl -ne 'if (/^\[proftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+true/enabled  = false/gi }; print $_' "$CONF" > "$CONF.$$" && \
+          cp_mv "$CONF.$$" "$CONF"
+      rm -f "$CONF.$$"
+    fi
+
+    # postfix-sasl in jessie, not sasl anymore
+    cp_check_and_sed 'filter[ ]*=[ ]*sasl' \
+                     's/^filter[ ]*=[ ]*sasl/filter	= postfix-sasl/gi' \
+                     "$CONF" && echo "CN: Fixing sasl to postfix-sasl..." || true
+
     # add network address and class if needed
     cp_get_netaddr || true
     NETADDR="$RET"
-- 
1.7.10.4