Nethserver-fail2ban needs testers

I agree but if you delegate the access to the server-manager by an official way and not a tricky way as I did with the module…the user with a granted access must be able to see the dashboard since something wrong is maybe occurring and he is not aware because he lacks the system overview

From my point of view it is a bug inherited from the past.

@filippo_carletti an opinion on this ?

1 Like

From this point of view, I agree with you.

(When we take on managing an informatic system, we take full responsibility for what is happening with that system.
Therefore, the only ones who take the decisions are the system administrators appointed by me.
None of the customers' users is entitled to make changes or to have access to the core of the system (servers, routers, …) throughout the management contract.)

1 Like

Regarding the dashboard, we are experimenting a bit on 7. At the moment, the idea is to have a single page dashboard (no tabs) and move all tabs to separate menu on the left side, under a collapsible Status menu.

I think this will solve the access problem.

The idea behind the read-only dashboard remains, but we could add some actions to some Status entries (the new Services allows start/stop/restart).

As usual, we really like comments on ideas.

1 Like

teaser

4 Likes

Looks very promising!

1 Like

Woah! Looks very very good… we need to test it more extensively

1 Like

Yeah I reached the goal but I’m not satisfied since I won’t have translations (I simply call a bash script in the panel). If I want translations I must create an e-smith database to store banned IPs with information (which jails has banned, date of ban, IP NUMBER…), the database will be filled by an action when an IP will be banned or unbanned by fail2ban.

Like this I will have a big database that i can sort in many ways and translations in the panel.

1 Like

IMHO, the output in English-only is enough.

Maybe I’m the only one who doesn’t care about translating this :smiley:

3 Likes

I have found this site that talks about fail2ban and owncloud…can it be added?

1 Like

Why not but a modification seems to be done in the owncloud configuration file.

@giacomo some thoughts to share

2 Likes

Owncloud configuration file is not a template, feel free to adjust at your own needs! :smile:

1 Like

it seems that owncloud logs without modification all failed logins to /var/www/html/owncloud/data/owncloud.log

{"app":"user_ldap","message":"Bind failed: 49: Invalid credentials","level":3,"time":"2016-03-04T17:15:14+00:00"}
{"app":"core","message":"Login failed: 'admin' (Remote IP: '192.168.12.25', X-Forwarded-For: '')","level":2,"time":"2016-03-04T17:15:14+00:00"}
{"app":"user_ldap","message":"Bind failed: 49: Invalid credentials","level":3,"time":"2016-03-04T17:15:19+00:00"}
{"app":"core","message":"Login failed: 'admin' (Remote IP: '192.168.12.25', X-Forwarded-For: '')","level":2,"time":"2016-03-04T17:15:19+00:00"}

it just needs to add our specific jails

We will create a new filter for fail2ban in /etc/fail2ban/filter.d/owncloud.conf:

[Definition]
# First expression: owncloud <8; second expression: owncloud 8
failregex = {"app":"core","message":"Login failed:(.*)IP: '<HOST>'
            {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}

If access is controlled by a proxy, the rule can be modified to pick up the IP address associated with the X-Forwarded-For field:

[Definition]
# First expression: owncloud <8; second expression: owncloud 8
failregex = {"app":"core","message":"Login failed:(.*)X-Forwarded-For: '<HOST>'
            {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '.*', X-Forwarded-For: '<HOST>'\)","level":2,"time":".*"}

We can then create a new rule in /etc/fail2ban/jail.local:

[owncloud]
enabled  = true
port     = http,https
filter   = owncloud
logpath  = /var/www/owncloud/data/owncloud.log
maxretry = 6

5 Likes
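
The two filter expressions quoted above can be checked against the log lines from the thread before a jail is enabled. This is an added example, not part of the original posts or of nethserver-fail2ban; the `HOST` stand-in, the function names and the `V8_LINE` sample are assumptions made for illustration.

```python
import re
from collections import Counter

# Simplified stand-in for fail2ban's <HOST> tag (assumption: IP literals only).
HOST = r"(?P<host>[0-9A-Fa-f:.]+)"

# The two failregex patterns from the post, verbatim.
FAILREGEX = {
    "owncloud <8": r"""{"app":"core","message":"Login failed:(.*)IP: '<HOST>'""",
    "owncloud 8": r"""{"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}""",
}

# Log lines as posted in the thread (two LDAP bind errors, two failed logins).
PAGE_LINES = [
    """{"app":"user_ldap","message":"Bind failed: 49: Invalid credentials","level":3,"time":"2016-03-04T17:15:14+00:00"}""",
    """{"app":"core","message":"Login failed: 'admin' (Remote IP: '192.168.12.25', X-Forwarded-For: '')","level":2,"time":"2016-03-04T17:15:14+00:00"}""",
    """{"app":"user_ldap","message":"Bind failed: 49: Invalid credentials","level":3,"time":"2016-03-04T17:15:19+00:00"}""",
    """{"app":"core","message":"Login failed: 'admin' (Remote IP: '192.168.12.25', X-Forwarded-For: '')","level":2,"time":"2016-03-04T17:15:19+00:00"}""",
]

# Constructed line in the field order the "owncloud 8" pattern expects.
V8_LINE = """{"reqId":"constructed","remoteAddr":"203.0.113.7","app":"core","message":"Login failed: 'admin' (Remote IP: '203.0.113.7', X-Forwarded-For: '')","level":2,"time":"2016-03-08T10:00:00+00:00"}"""


def failures(lines, failregex):
    """Count failed logins per host matched by one failregex."""
    rx = re.compile(failregex.replace("<HOST>", HOST))
    hits = Counter()
    for line in lines:
        m = rx.search(line)  # unanchored search: the patterns carry no ^
        if m:
            hits[m.group("host")] += 1
    return hits


def would_ban(lines, failregex, maxretry=6):
    """Hosts reaching maxretry (findtime window and date parsing not modelled)."""
    return sorted(h for h, n in failures(lines, failregex).items() if n >= maxretry)


if __name__ == "__main__":
    for name, rx in FAILREGEX.items():
        print(name, dict(failures(PAGE_LINES + [V8_LINE], rx)))
    print("banned after 3 repeats:", would_ban(PAGE_LINES * 3, FAILREGEX["owncloud <8"]))
```

The lines posted in the thread match only the first expression, so a filter carrying just the "owncloud 8" expression would never count them. The X-Forwarded-For variant is only meaningful behind a proxy that sets that header itself, since otherwise the address that gets banned is whatever value the client sent.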

I can’t get it, jail for httpd is not enough ?

1 Like

Nope, fail2ban works with some ‘grep filters’ in logs, once a rule matches something, an action is triggered. If owncloud would use the default logs of apache, we won’t need a special rule.

The owncloud log is /var/www/html/owncloud/data/owncloud.log and none of the apache jails look for anything there.

It is the same issue with roundcubemail/sogo and their specific logs

3 Likes

released (without the owncloud jail)

  • Fail2ban panel uses Tab now
  • Blacklist tab created with Unban Input Box

yum install http://mirror.de-labrusse.fr/nethserver/nethserver-fail2ban/nethserver-fail2ban-0.0.6-1.ns6.sdl.noarch.rpm --enablerepo=epel

5 Likes

Thanks for your explanation and for the new version! Keep up the good work!

1 Like

Hi to ALL!

Excellent! Unban feature works as expected.

3 Likes

* Tue Mar 8 2016 Stephane de Labrusse <stephdl@de-labrusse.fr> - 0.0.7-ns6
- Owncloud Jail created

yum install http://mirror.de-labrusse.fr/nethserver/nethserver-fail2ban/nethserver-fail2ban-0.0.7-1.ns6.sdl.noarch.rpm --enablerepo=epel

1 Like

Sorry I can test it only in a couple of days because tomorrow (today) it will be my day shift :wink:

1 Like

F2B by Stephane de Labrusse, last version, on NS 6.7 (final) as email hosting placed in DMZ (not yet in production but soon).

5 Likes