File: //usr/libexec/webmin/fail2ban/save_jaildef.cgi
#!/usr/bin/perl
# Update default jail options
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
require './fail2ban-lib.pl';
our (%in, %text, %config);
&ReadParse();
&error_setup($text{'jaildef_err'});
# Find default jail
my @jails = &list_jails();
my ($jail) = grep { $_->{'name'} eq 'DEFAULT' } @jails;
$jail || &error($text{'jaildef_egone'});
# Validate inputs
foreach my $f ("maxretry", "findtime", "bantime") {
$in{$f.'_def'} || $in{$f} =~ /^\-?\d+(\.\d+)?[mhdwy]?$/ ||
&error($text{'jail_e'.$f});
}
$in{'destemail_def'} || $in{'destemail'} =~ /^\S+(\@\S+)?$/ ||
&error($text{'jail_edestemail'});
my @ignoreips = $in{'ignoreip_def'} ? ( ) : split(/\s+/, $in{'ignoreip'});
foreach my $ip (@ignoreips) {
&check_ipaddress($ip) || &check_ip6address($ip) ||
($ip =~ /^([0-9\.]+)\/(\d+)/ && &check_ipaddress("$1")) ||
&to_ipaddress($ip) ||
&error($text{'jail_eignoreip'});
}
# Update the jail
&lock_all_config_files();
my %defaults = (
'maxretry' => 3,
'findtime' => 600,
'bantime' => 600,
);
foreach my $f ("maxretry", "findtime", "bantime") {
&save_directive($f, $in{$f."_def"} ? $defaults{$f} : $in{$f}, $jail);
}
&save_directive("ignoreip", @ignoreips ? join(" ", @ignoreips) : undef, $jail);
&save_directive("backend", $in{'backend'} || undef, $jail);
&save_directive("destemail", $in{'destemail_def'} ? undef : $in{'destemail'},
$jail);
&save_directive("banaction", $in{'banaction'} || undef, $jail);
&save_directive("protocol", $in{'protocol'} || undef, $jail);
&unlock_all_config_files();
&webmin_log("jaildef");
&redirect("list_jails.cgi");