fail2ban
scans log files for malicious activity and executes actions based on what it finds.
WARNING: BREAKING CHANGES SINCE v1.0.0 |
---|
Prior to
v1.0.0,
this formula provided two methods for managing Fail2Ban;
the old method under If you are not in a position to migrate, please pin your repo to the final release tag before v1.0.0, i.e. v0.17.2. To migrate from To migrate from the old |
Table of Contents
See the full SaltStack Formulas installation and usage instructions.
If you are interested in writing or contributing to formulas, please pay attention to the Writing Formula Section.
If you want to use this formula, please pay attention to the FORMULA
file and/or git tag
,
which contains the currently released version. This formula is versioned according to Semantic Versioning.
See Formula Versioning Section for more details.
Commit message formatting is significant!!
Please see How to contribute for more details.
Meta state for inclusion of all states.
Install the fail2ban
package.
Configure fail2ban creating a jail.local
file based on pillar data that overrid jail.conf
. It also creates a file.local
per action/filter. Either in jails, actions or filters is possible to setup a source_path
options to upload your configuration directly (see pillar.example
). It is also possible to remove either actions or filters setting up enabled: False
in it section (see pillar.example
).
It is also possible to specify the source file for config, jails, actions and filters instead of using the template:
fail2ban:
ng:
config:
source_path: salt://path-to-fail2ban-config-file
jails:
source_path: salt://path-to-fail2ban-config-file
actions:
name-of-action:
config:
source_path: salt://path-to-action-file
filters:
name-of-filter:
config:
source_path: salt://path-to-filter-file
Manage fail2ban service. It is also possible to disable the service using the following pillar configuration:
fail2ban:
enabled: false
Linux testing is done with kitchen-salt
.
- Ruby
- Docker
$ gem install bundler
$ bundle install
$ bin/kitchen test [platform]
Where [platform]
is the platform name defined in kitchen.yml
,
e.g. debian-9-2019-2-py3
.
Creates the docker instance and runs the fail2ban
main state, ready for testing.
Runs the inspec
tests on the actual instance.
Removes the docker instance.
Runs all of the stages above in one go: i.e. destroy
+ converge
+ verify
+ destroy
.
Gives you SSH access to the instance for manual testing.