New steps for fail2ban and postfix (postfix-queue postfixdetailed)
This commit is contained in:
88
seqs/snmp.sh
88
seqs/snmp.sh
@@ -260,8 +260,94 @@ step_30() {
|
||||
}
|
||||
nginxExtendLoc="${toolConfigLoc}/nginx"
|
||||
|
||||
# postfix
|
||||
step_32_info() { echo "Extend for postfix detailed and queue"; }
|
||||
step_32_alias() { ALIAS="postfix"; }
|
||||
step_32() {
|
||||
local aptOpt=
|
||||
if [ $QUIET -ne 0 ];then
|
||||
aptOpt="-y"
|
||||
fi
|
||||
|
||||
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfix-queues -O "${postfixQueuesExtendLoc}"
|
||||
endReturn -o $? "Download postfix-queues failed"
|
||||
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfixdetailed -O "${postfixScript}"
|
||||
endReturn -o $? "Download postfixdetailed failed"
|
||||
|
||||
exe chmod +x "${postfixQueuesExtendLoc}"
|
||||
exe chmod +x "${postfixScript}"
|
||||
|
||||
exe apt install $postfixDeps $aptOpt
|
||||
}
|
||||
postfixDeps="pflogsumm"
|
||||
|
||||
step_33_info() { echo "Prepare cache folder for postfix details"; }
|
||||
step_33() {
|
||||
exe touch "$postfixCacheLoc"
|
||||
exe chown root:$toolSysUser "$postfixCacheLoc"
|
||||
exe chmod 770 "$postfixCacheLoc"
|
||||
|
||||
echo " [I] Create symlink /var/log/maillog which is used by postfixdetailed"
|
||||
exe ln -fs /var/log/mail.log /var/log/maillog
|
||||
|
||||
echo " [I] Run /etc/snmp/postfixdetailed to create the initial cache file"
|
||||
echo " so you don't end up with some crazy initial starting value."
|
||||
exe sudo -u $toolSysUser "$postfixScript"
|
||||
}
|
||||
postfixCacheLoc="/var/cache/postfixdetailed"
|
||||
postfixScript="${toolConfigLoc}/postfixdetailed"
|
||||
postfixQueuesExtendLoc="${toolConfigLoc}/postfix-queues"
|
||||
|
||||
step_34_info() { echo "Create postfix extends (postfixdetailed and postfix-queues)"; }
|
||||
step_34() {
|
||||
checkExtend postfix-queues
|
||||
if [ $? -eq 0 ]; then
|
||||
echo " [I] Create postfix-queues extend"
|
||||
addConf -a "extend mailq ${postfixQueuesExtendLoc}" "$toolConfig"
|
||||
fi
|
||||
checkExtend postfix-queues
|
||||
if [ $? -eq 0 ]; then
|
||||
echo " [I] Create postfixdetailed extend"
|
||||
addConf -a "extend postfixdetailed ${postfixScript}" "$toolConfig"
|
||||
fi
|
||||
|
||||
exe service snmpd restart
|
||||
}
|
||||
|
||||
#fail2ban
|
||||
#exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${toolConfig}/fail2ban"
|
||||
step_36_info() { echo "Extend for fail2ban jail information"; }
|
||||
step_36_alias() { ALIAS="fail2ban"; }
|
||||
step_36(){
|
||||
local aptOpt=
|
||||
if [ $QUIET -ne 0 ];then
|
||||
aptOpt="-y"
|
||||
fi
|
||||
|
||||
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${fail2banExtendLoc}"
|
||||
endReturn -o $? "Download postfix failed"
|
||||
|
||||
exe chmod +x "$fail2banExtendLoc"
|
||||
|
||||
checkExtend fail2ban
|
||||
if [ $? -eq 0 ]; then
|
||||
echo " [I] Create fail2ban extend"
|
||||
addConf -a "extend fail2ban ${fail2banExtendLoc} -c" "$toolConfig"
|
||||
else
|
||||
echo " [W] Fail2ban extend already included"
|
||||
fi
|
||||
|
||||
exe apt install $fail2banDeps $aptOpt
|
||||
}
|
||||
fail2banDeps="libjson-perl"
|
||||
fail2banExtendLoc="${toolConfigLoc}/fail2ban"
|
||||
|
||||
step_37_info() { echo "Create cron to update fail2ban cache"; }
|
||||
step_37() {
|
||||
addConf -s "$fail2banCron" "$fail2banCronLoc"
|
||||
}
|
||||
fail2banCronLoc="/etc/cron.d/fail2banCache"
|
||||
fail2banCron="# Update cache for faster fail2ban polling
|
||||
*/3 * * * * root ${fail2banExtendLoc} -u"
|
||||
|
||||
checkExtend() {
|
||||
# adding dry run output for clarification
|
||||
|
||||
Reference in New Issue
Block a user