dstein/pusher
1
0
Fork 0
mirror of https://github.com/HackHerz/pusher synced 2025-12-06 02:10:19 +00:00
Code Issues Releases Activity

Fail2ban example added

Browse source
This commit is contained in:
Daniel Stein 2018-01-10 13:34:44 +01:00
parent f455814c6a
commit d0a1fa6029
No known key found for this signature in database
GPG key ID: 877E81B790A1E083
3 changed files with 69 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
examples/README.md
View file

@ -6,3 +6,4 @@ This is a collection of examples how you can user pusher. Feel free to contact m
## Server ## Server
- [Notification on SSH login](https://github.com/HackHerz/pusher/blob/master/examples/ssh-notification.md) - [Notification on SSH login](https://github.com/HackHerz/pusher/blob/master/examples/ssh-notification.md)
- [Notification for fail2ban](https://github.com/HackHerz/pusher/blob/master/examples/fail2ban-notification.md)

17
examples/fail2ban-notification.md Normal file
View file

@ -0,0 +1,17 @@
# Notification for fail2ban
Copy [pusher.conf](https://github.com/HackHerz/pusher/blob/master/examples/pusher.conf) to **/etc/fail2ban/action.d/** and insert this snippet in your *jail.local*.
```
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
action = pusher[name=ssh, dest=ONQ]
```
Example is for SSH and change ONQ to your own Device-ID.

51
examples/pusher.conf Normal file
View file

@ -0,0 +1,51 @@
# Fail2Ban configuration file
#
# author: hackherz
#
[Definition]
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = /usr/local/bin/pusher -i <dest> "[Fail2Ban] <name>: started on `uname -n`"
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop = /usr/local/bin/pusher -i <dest> "[Fail2Ban] <name>: stopped on `uname -n`"
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionban = /usr/local/bin/pusher -i <dest> "[Fail2Ban] <name>: banned <ip> from `uname -n`"
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: See jail.conf(5) man page
# Values: CMD
#
actionunban =
[Init]
# Default name of the chain
#
name = default
# Destination/Addressee of the mail
#
dest = default # change this to your default device id