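#!/bin/bash
#
# Step script that installs fail2ban and wires it to ufw.
#
# It is written for a sequencer-style runner: the helpers `exe` and `addConf`
# and the variable QUIET are not defined in this file and are expected to be
# provided by the caller. Each step_N function is one step; step_N_info prints
# its description and step_N_alias sets its alias in ALIAS.

toolName=fail2ban
toolDeps="$toolName"
toolConfDir="/etc/fail2ban"
toolConfLoc="$toolConfDir/jail.local"
toolFilter="$toolConfDir/filter.d"
toolJails="$toolConfDir/jail.d"

# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"
CONFIG=0
CONFIG_FILE_NAME="${toolName}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
# Templates below CONFIG_DIR are copied into /etc/fail2ban by step_3.
CONFIG_DIR="$WDIR/fail2ban"
CONFIG_FILTER="$CONFIG_DIR/filter.d"
CONFIG_JAILS="$CONFIG_DIR/jail.d"

#step_config() {
#  echo "Called once before executing steps."
#  ## e.g. to source a config file manually:
#  #. "$CONFIG_FILE"
#  ## or to use sequencer api:
#  #initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
#  #if [ $? -eq 0 ] ; then
#  #  CONFIG=1
#  #fi
#}

step_1_info() { echo "Install $toolName"; }
step_1_alias() { ALIAS="install"; }
#######################################
# Refresh the package index and install the packages listed in toolDeps.
# Globals:   QUIET (read; treated as 0 when unset or empty), toolDeps (read)
# Returns:   status of the final `exe apt install` call
#######################################
step_1() {
  local -a deps=() aptOpts=()

  # toolDeps is a whitespace-separated package list; split it without globbing.
  read -r -a deps <<<"$toolDeps"

  # Default to 0 so an unset QUIET does not make the numeric test error out.
  if [ "${QUIET:-0}" -ne 0 ]; then
    aptOpts+=("-y")
  fi

  exe apt update
  exe apt install "${deps[@]}" "${aptOpts[@]}"
}

step_2_info() { echo "Base jail configuration to use ufw"; }
step_2_alias() { ALIAS="config"; }
#######################################
# Write the base jail.local and restart fail2ban.
# Globals:   failConfLocal, toolConfLoc, toolName (read)
# Returns:   status of the service restart
#######################################
step_2() {
  echo " [I] Create local configuration";
  addConf -f "$failConfLocal" "$toolConfLoc"
  # NOTE(review): a restart that fails on a bad config leaves no bans being
  # enforced; confirm afterwards, e.g. with `fail2ban-client status`.
  exe service "$toolName" restart
}
# Content of jail.local.
# - banaction = ufw: bans are applied through ufw. ufw is not part of toolDeps,
#   so presumably it is installed and enabled elsewhere; verify, otherwise the
#   bans have no effect.
# - ignoreip lists loopback only; every address added here is never banned.
failConfLocal="[DEFAULT]
banaction = ufw
banaction_multiport = ufw
ignoreip = 127.0.0.1/8 ::1"

step_3_info() { echo "Add basic ip-blacklist"; }
step_3_alias() { ALIAS="blacklist"; }
#######################################
# Install the ip-blacklist filter, jail and list file, then restart fail2ban.
# Globals:   ipBlackListFilter, ipBlackListJail, ipBlackList, toolFilter,
#            toolJails, toolConfDir, toolName (read)
# Returns:   status of the service restart
#######################################
step_3() {
  echo " [I] Adding filter"
  # The sources live next to this script and end up in the configuration of a
  # service that runs as root, so the script directory should be writable by
  # trusted administrators only.
  addConf -s -f "$ipBlackListFilter" "$toolFilter/$(basename -- "$ipBlackListFilter")"
  addConf -s -f "$ipBlackListJail" "$toolJails/$(basename -- "$ipBlackListJail")"
  addConf -s -f "$ipBlackList" "$toolConfDir/$(basename -- "$ipBlackList")"
  exe service "$toolName" restart
}
ipBlackList="$CONFIG_DIR/ip.blacklist"
ipBlackListJail="$CONFIG_JAILS/ip-blacklist.conf"
ipBlackListFilter="$CONFIG_FILTER/ip-blacklist.conf"

step_4_info() { echo "$toolName notes"; }
step_4_alias() { ALIAS="notes"; }
# NOTE(review): the source of this page ends inside step_4 (a `cat` with an
# input redirection whose text is missing). The fragment is kept verbatim as a
# comment so that the rest of the file still parses:
#step_4() { cat <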