4 [ "$1" = "configure" ] || exit 0
5 [ "$DEBIAN_SCRIPT_DEBUG" ] && set -vx
8 . /usr/share/carnet-tools/functions.sh
10 CONF="/etc/fail2ban/jail.conf"
12 if [ -e "$CONF" ]; then
13 # enable ssh, pam-generic, sasl, proftpd and vsftpd service
14 echo "CN: Enabling SSH, PAM-generic, SASL and Dovecot support..."
15 perl -ne 'if (/^\[(ssh|pam-generic|sasl|dovecot)\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
16 cp_mv "$CONF.$$" "$CONF"
19 if [ -f /var/log/vsftpd.log ]; then
20 echo "CN: Enabling vsftpd support..."
21 perl -ne 'if (/^\[vsftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
22 cp_mv "$CONF.$$" "$CONF"
25 echo "CN: Disabling vsftpd support..."
26 perl -ne 'if (/^\[vsftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+true/enabled = false/gi }; print $_' "$CONF" > "$CONF.$$" && \
27 cp_mv "$CONF.$$" "$CONF"
31 if [ -f /var/log/proftpd/proftpd.log ]; then
32 echo "CN: Enabling ProFTPD support..."
33 perl -ne 'if (/^\[proftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
34 cp_mv "$CONF.$$" "$CONF"
37 echo "CN: Disabling ProFTPD support..."
38 perl -ne 'if (/^\[proftpd\]/ .. /^enabled/) { $_ =~ s/^enabled\s+=\s+true/enabled = false/gi }; print $_' "$CONF" > "$CONF.$$" && \
39 cp_mv "$CONF.$$" "$CONF"
43 # postfix-sasl in jessie, not sasl anymore
44 cp_check_and_sed 'filter[ ]*=[ ]*sasl' \
45 's/^filter[ ]*=[ ]*sasl/filter = postfix-sasl/gi' \
46 "$CONF" && echo "CN: Fixing sasl to postfix-sasl..." || true
48 # add network address and class if needed
49 cp_get_netaddr || true
51 IGNOREIP=$(grep '^ignoreip' "$CONF")
52 if ! echo "$IGNOREIP" | grep -q "$NETADDR"; then
53 echo "CN: Enabling local IP ranges exclusion..."
54 cp_check_and_sed '^ignoreip' \
55 "s;^\(ignoreip.*\)$;\1 $NETADDR;g" "$CONF" || true
59 # restart the services
60 service fail2ban restart || exit $?
62 # dh_installdeb will replace this with shell code automatically
63 # generated by other debhelper scripts.