QUESTION Fail2Ban email contents

LesD

LesD

Member
Joined
Nov 8, 2009
Messages
408
Reaction score
15
I would like to look at the code that generates the F2B emails.

Does anyone know where I can find it?

I am particularly interested to know how all the WhoIs info is obtained and put into an email.

Thank you.
 
Thank you very much again.

I have found the appropriate section there and it contains
Code: 
actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip>
            From: Fail2Ban <<sender>>
            To: <dest>\n
            Hi,\n
            The IP <ip> has just been banned by Fail2Ban after
            <failures> attempts against <name>.\n\n
            Here are more information about <ip>:\n
            `/usr/bin/whois <ip>`\n
            Regards,\n
            Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
So it seems that the line that does all the magic is
Code: 
`/usr/bin/whois <ip>`\n
which I presume calls the 'whois' program passing it the IP which somehow pipes the data into the email.

But when I look at /usr/bin/whois in Webmin it shows whois as a 6 B 'something'

What can you code into 6 bytes? :) Must be some pointer somewhere else?

Just showing my ignorance about Linux I suppose :(
 
You must log in or register to reply here.

Members online

Total: 75 (members: 2, guests: 73)

Latest Posts

Forum statistics

Threads
26,687
Messages
174,410
Members
20,257
Latest member
Dempan
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Back
Top