From 206e2e8a0ae6201cec0c1ed0218c463b933dcd38 Mon Sep 17 00:00:00 2001
From: Victor LABORIE <vlaborie@evolix.fr>
Date: Wed, 25 Oct 2017 12:12:18 +0200
Subject: [PATCH] fail2ban: add roundcube filter

---
 fail2ban/defaults/main.yml       | 1 +
 fail2ban/files/roundcube.conf    | 2 ++
 fail2ban/tasks/main.yml          | 1 +
 fail2ban/templates/jail.local.j2 | 9 +++++++++
 4 files changed, 13 insertions(+)
 create mode 100644 fail2ban/files/roundcube.conf

diff --git a/fail2ban/defaults/main.yml b/fail2ban/defaults/main.yml
index 5c4df4f0..d0716d95 100644
--- a/fail2ban/defaults/main.yml
+++ b/fail2ban/defaults/main.yml
@@ -3,3 +3,4 @@ general_alert_email: "root@localhost"
 fail2ban_alert_email: Null
 fail2ban_ignore_ips: []
 fail2ban_wordpress: False
+fail2ban_roundcube: False
diff --git a/fail2ban/files/roundcube.conf b/fail2ban/files/roundcube.conf
new file mode 100644
index 00000000..d4ad016a
--- /dev/null
+++ b/fail2ban/files/roundcube.conf
@@ -0,0 +1,2 @@
+[Definition]
+failregex = Login failed for .*. from <HOST>
diff --git a/fail2ban/tasks/main.yml b/fail2ban/tasks/main.yml
index 886b454b..6a9a6ff7 100644
--- a/fail2ban/tasks/main.yml
+++ b/fail2ban/tasks/main.yml
@@ -32,6 +32,7 @@
     - sasl-evolix.conf
     - wordpress-soft.conf
     - wordpress-hard.conf
+    - roundcube.conf
   notify: restart fail2ban
   tags:
     - fail2ban
diff --git a/fail2ban/templates/jail.local.j2 b/fail2ban/templates/jail.local.j2
index b336e535..73b5f21f 100644
--- a/fail2ban/templates/jail.local.j2
+++ b/fail2ban/templates/jail.local.j2
@@ -44,3 +44,12 @@ logpath = /var/log/auth.log
 maxretry = 5
 findtime = 300
 {% endif %}
+
+{% if fail2ban_roundcube %}
+[roundcube]
+enabled  = true
+port     = http,https
+filter   = roundcube
+logpath  = /var/lib/roundcube/logs/errors
+maxretry = 5
+{% endif %}