mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-08-03 09:34:33 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add ENABLE_FAIL2BAN environment variable to enable fail2ban service (it's not enabled by default, now).

Browse source 
* Changed/updated Makefile and integration tests
* Changed some grep expressions in the fail2ban tests
This commit is contained in:
angus 2016-03-31 12:33:47 +02:00
parent 55cfa30491
commit 5219aab9e8
4 changed files with 32 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

27
test/tests.bats
View file

@ -32,8 +32,13 @@
[ "$status" -eq 0 ]
}
@test "checking process: fail2ban" {
@test "checking process: fail2ban (disabled in default configuration)" {
run docker exec mail /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 1 ]
}
@test "checking process: fail2ban (fail2ban server enabled)" {
run docker exec mail_fail2ban /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/bin/python /usr/bin/fail2ban-server'"
[ "$status" -eq 0 ]
}
@ -311,26 +316,26 @@
#
@test "checking fail2ban: localhost is not banned" {
run docker exec mail /bin/sh -c "fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'"
run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status sasl | grep 'IP list:.*127.0.0.1'"
[ "$status" -eq 1 ]
}
@test "checking fail2ban: ban ip on multiple failed login" {
docker exec mail fail2ban-client status sasl
docker exec mail fail2ban-client set sasl delignoreip 127.0.0.1/8
docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
docker exec mail /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
docker exec mail_fail2ban fail2ban-client status sasl
docker exec mail_fail2ban fail2ban-client set sasl delignoreip 127.0.0.1/8
docker exec mail_fail2ban /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
docker exec mail_fail2ban /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
docker exec mail_fail2ban /bin/sh -c 'nc -w 1 0.0.0.0 25 < /tmp/test/auth/smtp-auth-login-wrong.txt'
sleep 5
run docker exec mail /bin/sh -c "fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'"
run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status sasl | grep 'IP list:.*127.0.0.1'"
[ "$status" -eq 0 ]
}
@test "checking fail2ban: unban ip works" {
docker exec mail fail2ban-client set sasl addignoreip 127.0.0.1/8
docker exec mail fail2ban-client set sasl unbanip 127.0.0.1
docker exec mail_fail2ban fail2ban-client set sasl addignoreip 127.0.0.1/8
docker exec mail_fail2ban fail2ban-client set sasl unbanip 127.0.0.1
sleep 5
run docker exec mail /bin/sh -c "fail2ban-client status sasl | grep 'IP list:\s*127.0.0.1'"
run docker exec mail_fail2ban /bin/sh -c "fail2ban-client status sasl | grep 'IP list:.*127.0.0.1'"
[ "$status" -eq 1 ]
}