CONF=/etc/fail2ban/jail.conf
if [ -e "$CONF" ]; then
- # enable ssh and pam-generic services
- perl -ne 'if (/\[(ssh|pam-generic)\]/ .. /enabled/) { $_ =~ s/enabled = false/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
- mv "$CONF.$$" "$CONF"
+ # enable ssh, pam-generic, sasl, proftpd and vsftpd service
+ perl -ne 'if (/\[(ssh|pam-generic|sasl|proftpd|vsftpd)\]/ .. /enabled/) { $_ =~ s/^enabled\s=\sfalse/enabled = true/gi }; print $_' "$CONF" > "$CONF.$$" && \
+ cp_mv "$CONF.$$" "$CONF"
rm -f "$CONF.$$"
+ # enable dovecot service
+ cp -a "$CONF" "$CONF.$$"
+ cp-update fail2ban-cn "$CONF.$$" <<EOF
+[dovecot]
+
+enabled = true
+port = 110,143
+protocol = tcp
+filter = dovecot
+logpath = /var/log/mail.log
+EOF
+ cp_mv "$CONF.$$" "$CONF"
+
# add network address and class if needed
cp_get_netaddr || true
NETADDR="$RET"