From 7145c380b0bcd60741ca4c6ef93503f0e1f4c56d Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 10 Jun 2019 22:40:21 +0200 Subject: [PATCH] [Watchdog] Minor text changes and send whois report of banned IP --- data/Dockerfiles/watchdog/Dockerfile | 1 + data/Dockerfiles/watchdog/watchdog.sh | 19 +++++++++---------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/data/Dockerfiles/watchdog/Dockerfile b/data/Dockerfiles/watchdog/Dockerfile index 96c8976c..e00271c5 100644 --- a/data/Dockerfiles/watchdog/Dockerfile +++ b/data/Dockerfiles/watchdog/Dockerfile @@ -27,6 +27,7 @@ RUN apk add --update \ perl-term-readkey \ tini \ tzdata \ + whois \ && curl https://raw.githubusercontent.com/mludvig/smtp-cli/v3.9/smtp-cli -o /smtp-cli \ && chmod +x smtp-cli diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 70dc031d..0132fa97 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -59,13 +59,11 @@ function mail_error() { [[ -z ${2} ]] && BODY="Service was restarted on $(date), please check your mailcow installation." || BODY="$(date) - ${2}" WATCHDOG_NOTIFY_EMAIL=$(echo "${WATCHDOG_NOTIFY_EMAIL}" | sed 's/"//;s|"$||') # Some exceptions for subject and body formats - if [[ ${1} == "watchdog-mailcow" ]]; then - SUBJECT="Watchdog started" - elif [[ ${1} == "fail2ban" ]]; then + if [[ ${1} == "fail2ban" ]]; then SUBJECT="${BODY}" BODY="Please see netfilter-mailcow for more details and triggered rules." else - SUBJECT="Watchdog: ${1} triggered an event" + SUBJECT="Watchdog ALERT: ${1}" fi IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}" for rcpt in "${MAIL_RCPTS[@]}"; do @@ -77,15 +75,14 @@ function mail_error() { log_msg "Cannot determine MX for ${rcpt}, skipping email notification..." return 1 fi - [ -f "/tmp/${1}" ] && ATTACH="--attach /tmp/${1}@text/plain" || ATTACH= + [ -f "/tmp/${1}" ] && BODY="/tmp/${1}" ./smtp-cli --missing-modules-ok \ --subject="${SUBJECT}" \ --body-plain="${BODY}" \ --to=${rcpt} \ --from="watchdog@${MAILCOW_HOSTNAME}" \ --server="${RCPT_MX}" \ - --hello-host=${MAILCOW_HOSTNAME} \ - ${ATTACH} + --hello-host=${MAILCOW_HOSTNAME} log_msg "Sent notification email to ${rcpt}" done } @@ -669,7 +666,7 @@ while true; do done ) & -# Restart container when threshold limit reached +# Actions when threshold limit is reached while true; do CONTAINER_ID= HAS_INITDB= @@ -688,10 +685,12 @@ while true; do redis-cli -h redis-mailcow DEL F2B_RES > /dev/null host= for host in "${F2B_RES[@]}"; do - log_msg "Banned ${F2B_RES}" + log_msg "Banned ${host}" + rm /tmp/fail2ban 2> /dev/null + whois ${host} > /tmp/fail2ban [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "IP ban: ${host}" done - elif [[ ${com_pipe_answer} =~ .+-mailcow ]] || [[ ${com_pipe_answer} == "ipv6nat-mailcow" ]]; then + elif [[ ${com_pipe_answer} =~ .+-mailcow ]]; then kill -STOP ${BACKGROUND_TASKS[*]} sleep 3 CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"${com_pipe_answer}\")) | .id")