6 лет назад · 8f8d30feb3
--- a/install/deb/fail2ban/jail.local
+++ b/install/deb/fail2ban/jail.local
@@ -13,16 +13,16 @@ logpath  = /var/log/vsftpd.log
 
				 maxretry = 5
			
 
				 
			
 
				 [exim-iptables]
			
 
				-enabled = true
			
 
				-filter  = exim
			
 
				-action  = hestia[name=MAIL]
			
 
				-logpath = /var/log/exim4/mainlog
			
 
				+enabled  = true
			
 
				+filter   = exim
			
 
				+action   = hestia[name=MAIL]
			
 
				+logpath  = /var/log/exim4/mainlog
			
 
				 
			
 
				 [dovecot-iptables]
			
 
				-enabled = true
			
 
				-filter  = dovecot
			
 
				-action  = hestia[name=MAIL]
			
 
				-logpath = /var/log/dovecot.log
			
 
				+enabled  = true
			
 
				+filter   = dovecot
			
 
				+action   = hestia[name=MAIL]
			
 
				+logpath  = /var/log/dovecot.log
			
 
				 
			
 
				 [mysqld-iptables]
			
 
				 enabled  = false
			
@@ -32,22 +32,24 @@ logpath  = /var/log/mysql.log
 
				 maxretry = 5
			
 
				 
			
 
				 [hestia-iptables]
			
 
				-enabled = true
			
 
				-filter  = hestia
			
 
				-action  = hestia[name=HESTIA]
			
 
				-logpath = /var/log/hestia/auth.log
			
 
				+enabled  = true
			
 
				+filter   = hestia
			
 
				+action   = hestia[name=HESTIA]
			
 
				+logpath  = /var/log/hestia/auth.log
			
 
				 maxretry = 5
			
 
				 
			
 
				 [roundcube-auth]
			
 
				 enabled  = false
			
 
				 filter   = roundcube-auth
			
 
				-action  = hestia[name=WEB]
			
 
				+action   = hestia[name=WEB]
			
 
				 logpath  = /var/log/roundcube/errors
			
 
				 maxretry = 5
			
 
				 
			
 
				 [recidive]
			
 
				 enabled  = true
			
 
				-action   = hestia[name=RECIDIVE]
			
 
				+filter   = recidive
			
 
				+action   = hestia[name=HESTIA]
			
 
				+logpath  = /var/log/fail2ban.log
			
 
				 maxretry = 3
			
 
				 findtime = 86400
			
 
				 bantime  = 864000
			
--- a/install/upgrade/versions/latest.sh
+++ b/install/upgrade/versions/latest.sh
@@ -67,12 +67,6 @@ fi
 
				 # Implement recidive jail for fail2ban
			
 
				 if [ ! -z "$FIREWALL_EXTENSION" ]; then
			
 
				     if ! cat /etc/fail2ban/jail.local | grep -q "recidive"; then
			
 
				-        echo -e "\n\n[recidive]\nenabled  = true\naction   = hestia[name=RECIDIVE]\nmaxretry = 3\nfindtime = 86400\nbantime  = 864000" >> /etc/fail2ban/jail.local
			
 
				+        echo -e "\n\n[recidive]\nenabled  = true\nfilter   = recidive\naction   = hestia[name=HESTIA]\nlogpath  = /var/log/fail2ban.log\nmaxretry = 3\nfindtime = 86400\nbantime  = 864000" >> /etc/fail2ban/jail.local
			
 
				     fi
			
 
				 fi
			
 
				-
			
 
				-# Update webmail templates to enable OCSP/SSL stapling
			
 
				-if [ ! -z "$IMAP_SYSTEM" ]; then
			
 
				-    echo "(*) Enabling OCSP stapling support for webmail services..."
			
 
				-    $BIN/v-update-mail-templates > /dev/null 2>&1
			
 
				-fi