[Fail2ban-users] Custom Action with ruby script

[Alessandro M. <ale...@gm...>]

Hi to all,
sorry if this question is already posted but I try to search on web,
on github official repo page and on documentation and I don't find a
solution.
I'm writing an Abuse Report generator in Ruby (I want post it on
Github) to parse the output of a whois-mail sent to a temporary file
so it can retrieve ip of attacker, service attacked, abuse mail from
whois report and attach the log in the same mail.
If i run script manually it works so I try to write a custom action to
automate this operation.

The files I edited are:

jail.local (is extracted part)
[sshd]
enabled  = true
port    = ssh
action   = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s",
protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp]
           %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"]
           mr2ban
logpath = /var/log/secure
maxretry = 3
bantime = -1

r2ban.conf
[Definition]

# Option:  actionban
# Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
# Tags:    See jail.conf(5) man page
# Values:  CMD
#
actionban = ruby /opt/r2ban/r2ban.rb

[Init]

name = default

and

my script with also a log function that shows me it wasn't executed.

I'm wrong in the ruby script invocation?

Thank you for your help


Alessandro Middei

RedHat Certified System Administrator
MailStore Certified Archiving Specialist