fail2ban handling integrated in setup.sh (#797)

* fail2ban handling integrated in setup.sh

- calling \"./setup debug fail2ban\" lists all iptable chains whith blocked IPs (like: Banned in dovecot: 91.200.12.164
										       Banned in postfix-sasl: 91.200.12.164)
- calling \"./setup debug fail2ban unban xxx.xxx.xxx.xxx [yyy.yyy.yyy.yyy ...]\" unbans/removes those IPs from all jails.
- calling \"./setup debug fail2ban unban\" (without an IP) gives an descriptive error: (You need to specify an IP address. Run "./setup.sh debug fail2ban" to get a list of banned IP addresses.)

* disable_vrfy_command: (#798)

Prevents Spammers from collecting existing mail-addresses by probing the mailserver for them.

* Added support for Dovecot and Postfix LDAP TLS (#800)

* Allow setup of LDAP STARTTLS for Dovecot and Postfix

* Added tests for TLS config override

* Add missing Postfix TLS options

* Added missing new line at the end of the file

* Added STARTTLS tests for Postfix config

* tests added
and made the script output look more shiny.

* setup.sh enhancements
This commit is contained in:
17Halbe 2018-01-31 22:25:29 +01:00 committed by Johan Smits
parent d270fcdd40
commit c2f4220016
2 changed files with 56 additions and 0 deletions

View file

@ -1131,6 +1131,21 @@ load 'test_helper/bats-assert/load'
run ./setup.sh -c mail debug login ls
assert_success
}
@test "checking setup.sh: setup.sh debug fail2ban" {
run docker exec mail_fail2ban /bin/sh -c "fail2ban-client set dovecot banip 192.0.66.4"
run docker exec mail_fail2ban /bin/sh -c "fail2ban-client set dovecot banip 192.0.66.5"
sleep 10
run ./setup.sh -c mail_fail2ban debug fail2ban
assert_output "Banned in dovecot: 192.0.66.5 192.0.66.4"
run ./setup.sh -c mail_fail2ban debug fail2ban unban 192.0.66.4
assert_output --partial "unbanned IP from dovecot: 192.0.66.4"
run ./setup.sh -c mail_fail2ban debug fail2ban
assert_output "Banned in dovecot: 192.0.66.5"
run ./setup.sh -c mail_fail2ban debug fail2ban unban 192.0.66.5
run ./setup.sh -c mail_fail2ban debug fail2ban unban
assert_output --partial "You need to specify an IP address. Run"
}
#
# LDAP