fusionpbx-install.sh/freebsd/resources/fail2ban.sh

#!/bin/sh

#move to script directory so all relative paths work
cd "$(dirname "$0")"

#includes
. ./config.sh
. ./colors.sh

#send a message
verbose "Installing Fail2ban"

#add the dependencies
pkg install --yes py39-fail2ban

#enable fail2ban service
echo 'fail2ban_enable="YES"' >> /etc/rc.conf

#move the filters
cp fail2ban/freeswitch-dos.conf /usr/local/etc/fail2ban/filter.d/freeswitch-dos.conf
cp fail2ban/freeswitch-ip.conf /usr/local/etc/fail2ban/filter.d/freeswitch-ip.conf
cp fail2ban/freeswitch-404.conf /usr/local/etc/fail2ban/filter.d/freeswitch-404.conf
cp fail2ban/freeswitch.conf /usr/local/etc/fail2ban/filter.d/freeswitch.conf
cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf
cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf
cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf
cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local
cp fail2ban/sip-auth-challenge-ip.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge-ip.conf
cp fail2ban/sip-auth-challenge.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge.conf

# Fix default setting for allowipv6 directive
mv /usr/local/etc/fail2ban/fail2ban.conf /usr/local/etc/fail2ban/fail2ban.conf.dist
cat /usr/local/etc/fail2ban/fail2ban.conf.dist | sed '/^#allowipv6/s//allowipv6/' > /usr/local/etc/fail2ban/fail2ban.conf
chown root:wheel /usr/local/etc/fail2ban/fail2ban.conf
chmod 0644 /usr/local/etc/fail2ban/fail2ban.conf

#restart fail2ban
service fail2ban start
Start the FreeBSD install script (not ready) 2017-03-25 18:41:47 +01:00			`#!/bin/sh`

			`#move to script directory so all relative paths work`
			`cd "$(dirname "$0")"`

			`#includes`
			`. ./config.sh`
			`. ./colors.sh`

			`#send a message`
			`verbose "Installing Fail2ban"`

			`#add the dependencies`
Fixes to allow deployment on FreeBSD 14 (#415) * Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive * Remove freeswitch database and user Reason for this change is if FreeSWITCH uses the PostgreSQL then its a good idea for it to use its own instance. This is to prevent blocking FreeSWITCH from accessing the database if there is a long running Query on the FusionPBX database * Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive --------- Co-authored-by: Charlie Root <root@sjcacs-test.gadallah.net> 2024-01-03 22:06:57 +01:00			`pkg install --yes py39-fail2ban`
Update fail2ban.sh 2017-03-25 19:20:27 +01:00
			`#enable fail2ban service`
			`echo 'fail2ban_enable="YES"' >> /etc/rc.conf`
Start the FreeBSD install script (not ready) 2017-03-25 18:41:47 +01:00
			`#move the filters`
Update fail2ban.sh 2017-03-25 19:20:27 +01:00			`cp fail2ban/freeswitch-dos.conf /usr/local/etc/fail2ban/filter.d/freeswitch-dos.conf`
			`cp fail2ban/freeswitch-ip.conf /usr/local/etc/fail2ban/filter.d/freeswitch-ip.conf`
			`cp fail2ban/freeswitch-404.conf /usr/local/etc/fail2ban/filter.d/freeswitch-404.conf`
			`cp fail2ban/freeswitch.conf /usr/local/etc/fail2ban/filter.d/freeswitch.conf`
			`cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf`
			`cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf`
			`cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf`
			`cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local`
Fixes to allow deployment on FreeBSD 14 (#415) * Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive * Remove freeswitch database and user Reason for this change is if FreeSWITCH uses the PostgreSQL then its a good idea for it to use its own instance. This is to prevent blocking FreeSWITCH from accessing the database if there is a long running Query on the FusionPBX database * Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive --------- Co-authored-by: Charlie Root <root@sjcacs-test.gadallah.net> 2024-01-03 22:06:57 +01:00			`cp fail2ban/sip-auth-challenge-ip.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge-ip.conf`
			`cp fail2ban/sip-auth-challenge.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge.conf`

			`# Fix default setting for allowipv6 directive`
			`mv /usr/local/etc/fail2ban/fail2ban.conf /usr/local/etc/fail2ban/fail2ban.conf.dist`
			`cat /usr/local/etc/fail2ban/fail2ban.conf.dist \| sed '/^#allowipv6/s//allowipv6/' > /usr/local/etc/fail2ban/fail2ban.conf`
			`chown root:wheel /usr/local/etc/fail2ban/fail2ban.conf`
			`chmod 0644 /usr/local/etc/fail2ban/fail2ban.conf`
Start the FreeBSD install script (not ready) 2017-03-25 18:41:47 +01:00
			`#restart fail2ban`
Update fail2ban.sh 2017-06-24 21:32:35 +02:00			`service fail2ban start`