Fail2ban - postfix-ddos.conf template

System version
NethServer release 7.7.1908 (final)
Kernel release
3.10.0-1062.9.1.el7.x86_64

Hi,
I am trying to make a custom postfix-ddos.conf (filter.d/fail2ban).

I have created a file here :
/etc/e-smith/templates-custom/etc/fail2ban/filter.d/postfix-ddos.conf/10base

With this content :

# Fail2Ban filter for selected Postfix DDOS
# my custom postfix-ddos.conf (take out EHLO cause of false positive Outlook Mac)
# 
[Definition]
failregex = lost connection after (AUTH|UNKNOWN|CONNECT) from (.*)\[<HOST>\]
ignoreregex =
# Author: stephane de Labrusse

But even after reboot, it doesnt apply.
What am I doing wrong?
Thanks a lot.

Did you expand the template?

expand-template /etc/fail2ban/filter.d/postfix-ddos.conf

1 Like

it is not a template, you cannot do a template custom, but you can make a template to rewrite the filter you can find at
/etc/fail2ban/filter.d/postfix-ddos.conf

think to add the file in the two events nethserver-fail2ban-update and nethserver-fail2ban-save

I just did it (expand-template) and it worked.

The file /etc/fail2ban/filter.d/postfix-ddos.conf is now updated with my templates-custom.

tx

I am not sure that I understand well (cannot do a custom template, but can do a template…)
I will read more about templates and events.

Thank you for your quick answer.

it is not a template, just a simple file that the rpm provides, so you cannot do a custom-template

rpm -qf /etc/fail2ban/filter.d/postfix-ddos.conf