在Fail2Ban配置中使用bash脚本_Bash_Sendmail_Fail2ban

在Fail2Ban配置中使用bash脚本

bash

在Fail2Ban配置中使用bash脚本,bash,sendmail,fail2ban,Bash,Sendmail,Fail2ban,我想在Fail2Ban邮件中调用bash脚本。bash脚本调用restapi来获取fail2ban阻止的ip地址的用户名 # Fail2Ban configuration file # # Author: * # # [INCLUDES] before = sendmail-common.conf [Definition] # Option: actionban # Notes.: command executed when banning an IP. Take care that

我想在Fail2Ban邮件中调用bash脚本。bash脚本调用restapi来获取fail2ban阻止的ip地址的用户名

# Fail2Ban configuration file
#
# Author: *
#
#

[INCLUDES]

before = sendmail-common.conf

[Definition]

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
            Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
            From: <sendername> <<sender>>
            To: <dest>\n
            The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the acceptance environment of <name> on server.\n
            One or the following users could be the victim: \n 
            `/etc/fail2ban/restapi/getHttpSessions.sh | grep <ip>` \n | /usr/sbin/sendmail -f <sender> <dest>

[Init]

有没有办法在fail2ban配置文件中使用bash脚本，在bash创建的概览中查找IP地址

谢谢

我让它工作了。可能是语法中的一些问题。工作代码：

# Fail2Ban configuration file
#
# Author: Danny van den Berg
#
#

[INCLUDES]

before = sendmail-common.conf

[Definition]

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
            Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
            From: <sendername> <<sender>>
            To: <dest>\n
            The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the production environment of <name> on server.\n
            More information about the user:\n 
            [IP            | KEY] \n
            `/usr/bin/gethttpsessions | grep <ip> `\n\n" | /usr/sbin/sendmail -f <sender> <dest>

[Init]

# Default name of the chain
#
name = default

#Fail2Ban配置文件
#
#作者：丹尼·范登伯格
#
#
[包括]
before=sendmail-common.conf
[定义]
#选择：行动禁令
#注意：禁止IP时执行的命令。当心
#命令以Fail2Ban用户权限执行。
#标签：参见jail.conf（5）手册页
#值：CMD
#
actionban=printf%%b“主题：[Fail2Ban]：禁止使用'uname-n`
日期：`LC_ALL=C日期+“%%a、%%d%%h%%Y%%T%%z”`
发件人：
收件人：\n
在尝试攻击服务器上的生产环境后，Fail2Ban刚刚禁止了以下IP。\n
有关用户的详细信息：\n
[IP |密钥]\n
`/usr/bin/gethttpsessions | grep`\n\n“|/usr/sbin/sendmail-f
[初始化]
#链的默认名称
#
名称=默认值

# Fail2Ban configuration file
#
# Author: Danny van den Berg
#
#

[INCLUDES]

before = sendmail-common.conf

[Definition]

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
            Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
            From: <sendername> <<sender>>
            To: <dest>\n
            The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the production environment of <name> on server.\n
            More information about the user:\n 
            [IP            | KEY] \n
            `/usr/bin/gethttpsessions | grep <ip> `\n\n" | /usr/sbin/sendmail -f <sender> <dest>

[Init]

# Default name of the chain
#
name = default