modules/fail2ban/templates/jail.erb - Issue 29364214: Issue 2487 - Introduce fail2ban module

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Delta Between Two Patch Sets: modules/fail2ban/templates/jail.erb

Issue 29364214: Issue 2487 - Introduce fail2ban module (Closed)

Left Patch Set: Issue 2487 - Introduce fail2ban module Created Nov. 25, 2016, 3:17 p.m.

Right Patch Set: For comment 22 and 23 Created Dec. 2, 2016, 2:22 p.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

Left: Side by side diff | Download
Right: Side by side diff | Download

LEFT	RIGHT
1 <% @jail_config.each do \|name, config\| -%>	1 <% @jails.each do \|name, config\| -%>

2 <% if !config['logpath'].empty? -%>	2 <% if !config['logpath'].empty? -%>

3 [<%= name %>]	3 [<%= name %>]

	4 <% if config['filter'].empty? -%>

	5 filter = <%= name %>

	6 <% end -%>

	7 <% configuration = scope.function_merge(@jail_default, config) -%>

	8 <% configuration.each do \|key, value\| -%>

	9 <%= key %> = <%= value %>

	10 <% end %>

	11 <% else -%>

	12 <% raise Puppet::Error, "Log path missing from configuration" -%>

	13 <% end -%>

	14 <% end -%>

4	15

5 enabled = <%= config['enabled'] \|\|= true %>

6 port = <%= config['port'] \|\|= 'all' %>
f.nicolaisen 2016/11/25 16:23:30 'all' is not a valid port range for iptables, ref 'all' is not a valid port range for iptables, ref earlier comments. It leads to this command failing (note that fail2ban does not print the reason in its log for some reason): root@issues1:~# iptables -I INPUT -p tcp -m multiport --dports all -j fail2ban-wordpress iptables v1.4.12: invalid port/service `all' specified f.lopez 2016/11/25 17:41:10 Well, according to the examples provided by fail2b Show quoted text On 2016/11/25 16:23:30, f.nicolaisen wrote: > 'all' is not a valid port range for iptables, ref earlier comments. It leads to > this command failing (note that fail2ban does not print the reason in its log > for some reason): > > root@issues1:~# iptables -I INPUT -p tcp -m multiport --dports all -j > fail2ban-wordpress > iptables v1.4.12: invalid port/service `all' specified Well, according to the examples provided by fail2ban and the actual templates on the jail.conf, this is an acceptable way of telling fail2ban to block all the ports, but this file should be a different template anyways.
7 filter = <%= name %>

8 logpath = <%= config['logpath'] %>

9 maxretry = <%= config['maxretry'] \|\|= 6 %>

10 bantime = <%= config['bantime']\|\|= 3600 %>

11 <% end -%>

12 <% end -%>

LEFT	RIGHT