在Fail2Ban配置中使用bash脚本
我想在Fail2Ban邮件中调用bash脚本。bash脚本调用restapi来获取fail2ban阻止的ip地址的用户名在Fail2Ban配置中使用bash脚本,bash,sendmail,fail2ban,Bash,Sendmail,Fail2ban,我想在Fail2Ban邮件中调用bash脚本。bash脚本调用restapi来获取fail2ban阻止的ip地址的用户名 # Fail2Ban configuration file # # Author: * # # [INCLUDES] before = sendmail-common.conf [Definition] # Option: actionban # Notes.: command executed when banning an IP. Take care that
# Fail2Ban configuration file
#
# Author: *
#
#
[INCLUDES]
before = sendmail-common.conf
[Definition]
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the acceptance environment of <name> on server.\n
One or the following users could be the victim: \n
`/etc/fail2ban/restapi/getHttpSessions.sh | grep <ip>` \n | /usr/sbin/sendmail -f <sender> <dest>
[Init]
有没有办法在fail2ban配置文件中使用bash脚本,在bash创建的概览中查找IP地址
谢谢 我让它工作了。可能是语法中的一些问题。工作代码:
# Fail2Ban configuration file
#
# Author: Danny van den Berg
#
#
[INCLUDES]
before = sendmail-common.conf
[Definition]
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the production environment of <name> on server.\n
More information about the user:\n
[IP | KEY] \n
`/usr/bin/gethttpsessions | grep <ip> `\n\n" | /usr/sbin/sendmail -f <sender> <dest>
[Init]
# Default name of the chain
#
name = default
#Fail2Ban配置文件
#
#作者:丹尼·范登伯格
#
#
[包括]
before=sendmail-common.conf
[定义]
#选择:行动禁令
#注意:禁止IP时执行的命令。当心
#命令以Fail2Ban用户权限执行。
#标签:参见jail.conf(5)手册页
#值:CMD
#
actionban=printf%%b“主题:[Fail2Ban]:禁止使用'uname-n`
日期:`LC_ALL=C日期+“%%a、%%d%%h%%Y%%T%%z”`
发件人:
收件人:\n
在尝试攻击服务器上的生产环境后,Fail2Ban刚刚禁止了以下IP。\n
有关用户的详细信息:\n
[IP |密钥]\n
`/usr/bin/gethttpsessions | grep`\n\n“|/usr/sbin/sendmail-f
[初始化]
#链的默认名称
#
名称=默认值
# Fail2Ban configuration file
#
# Author: Danny van den Berg
#
#
[INCLUDES]
before = sendmail-common.conf
[Definition]
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
Date: `LC_ALL=C date +"%%a, %%d %%h %%Y %%T %%z"`
From: <sendername> <<sender>>
To: <dest>\n
The following IP <ip> has just been banned by Fail2Ban after <failures> attempts against the production environment of <name> on server.\n
More information about the user:\n
[IP | KEY] \n
`/usr/bin/gethttpsessions | grep <ip> `\n\n" | /usr/sbin/sendmail -f <sender> <dest>
[Init]
# Default name of the chain
#
name = default