From 63818aadb1a1f044f8af976943521e6c5a9889fb Mon Sep 17 00:00:00 2001
From: Jesse Luehrs <doy@tozt.net>
Date: Sun, 26 Apr 2020 17:39:54 -0400
Subject: add mailu fail2ban filter

---
 modules/fail2ban/files/filter/mailu.conf |  2 ++
 modules/fail2ban/files/jail/mailu.conf   |  3 +++
 modules/fail2ban/manifests/filter.pp     | 14 ++++++++++++++
 3 files changed, 19 insertions(+)
 create mode 100644 modules/fail2ban/files/filter/mailu.conf
 create mode 100644 modules/fail2ban/files/jail/mailu.conf
 create mode 100644 modules/fail2ban/manifests/filter.pp

(limited to 'modules/fail2ban')

diff --git a/modules/fail2ban/files/filter/mailu.conf b/modules/fail2ban/files/filter/mailu.conf
new file mode 100644
index 0000000..b83feb3
--- /dev/null
+++ b/modules/fail2ban/files/filter/mailu.conf
@@ -0,0 +1,2 @@
+[Definition]
+failregex = client login failed: "Authentication credentials invalid" while in http auth state, client: <HOST>,
diff --git a/modules/fail2ban/files/jail/mailu.conf b/modules/fail2ban/files/jail/mailu.conf
new file mode 100644
index 0000000..83ae9d8
--- /dev/null
+++ b/modules/fail2ban/files/jail/mailu.conf
@@ -0,0 +1,3 @@
+[mailu]
+enabled = true
+backend = systemd
diff --git a/modules/fail2ban/manifests/filter.pp b/modules/fail2ban/manifests/filter.pp
new file mode 100644
index 0000000..192f276
--- /dev/null
+++ b/modules/fail2ban/manifests/filter.pp
@@ -0,0 +1,14 @@
+define fail2ban::filter($source=undef) {
+  include fail2ban
+
+  $_source = $source ? {
+    undef => "puppet:///modules/fail2ban/filter/${name}.conf",
+    default => $source,
+  }
+
+  file { "/etc/fail2ban/filter.d/${name}.conf":
+    source => $_source,
+    require => Package["fail2ban"],
+    notify => Service["fail2ban"];
+  }
+}
-- 
cgit v1.2.3-54-g00ecf