search

Oefenweb / ansible-fail2ban

Ansible role to set up fail2ban in Debian-like systems
MIT License
118 stars 55 forks source link

Fix action variable in template #29

Closed j4m3s closed 7 years ago

j4m3s commented 8 years ago

Fixes #20

tersmitten commented 7 years ago

@j4m3s Do you think:

# The simplest action to take: ban only
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]

# ban & send an e-mail with whois report to the destemail.
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
              %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]

# ban & send an e-mail with whois report and relevant log lines
# to the destemail.
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
               %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]

should also be changed?

j4m3s commented 7 years ago

Sorry @tersmitten I'm a bit rusty - which bit should be changed?

tersmitten commented 7 years ago

The expansion of %(banaction)s in jail.local.j2

j4m3s commented 7 years ago

No I think that's correct (as you pasted) - banaction should be expanded as it goes into action_. %(xyz) is just like {$xyz} in php and it needs to be expanded inside action_ otherwise we'll be left with just a "banaction" string.

Sorry if I misunderstood the question :)