Pass bantime and findtime to jail config correctly

[chef.git] / cookbooks / fail2ban / resources / jail.rb

diff --git a/cookbooks/fail2ban/resources/jail.rb b/cookbooks/fail2ban/resources/jail.rb
index 66fa19d2da573fc876673bb9a40d85af1076c4e0..f6864505405b27fcb5fbaa197f0c64951960849e 100644 (file)
--- a/cookbooks/fail2ban/resources/jail.rb
+++ b/cookbooks/fail2ban/resources/jail.rb
@@ -17,6 +17,8 @@
 # limitations under the License.
 #
 
 # limitations under the License.
 #
 

+unified_mode true
+

 default_action :create
 
 property :jail, :kind_of => String, :name_property => true
 default_action :create
 
 property :jail, :kind_of => String, :name_property => true


@@ -24,6 +26,8 @@ property :filter, :kind_of => String
 property :logpath, :kind_of => String
 property :protocol, :kind_of => String
 property :ports, :kind_of => Array, :default => []
 property :logpath, :kind_of => String
 property :protocol, :kind_of => String
 property :ports, :kind_of => Array, :default => []

+property :bantime, :kind_of => [Integer, String]
+property :findtime, :kind_of => [Integer, String]

 property :maxretry, :kind_of => Integer
 property :ignoreips, :kind_of => Array
 
 property :maxretry, :kind_of => Integer
 property :ignoreips, :kind_of => Array
 


@@ -33,12 +37,14 @@ action :create do
     source "jail.erb"
     owner "root"
     group "root"
     source "jail.erb"
     owner "root"
     group "root"

-    mode 0o644
+    mode "644"

     variables :name => new_resource.jail,
               :filter => new_resource.filter,
               :logpath => new_resource.logpath,
               :protocol => new_resource.protocol,
               :ports => new_resource.ports,
     variables :name => new_resource.jail,
               :filter => new_resource.filter,
               :logpath => new_resource.logpath,
               :protocol => new_resource.protocol,
               :ports => new_resource.ports,

+              :bantime => new_resource.bantime,
+              :findtime => new_resource.findtime,

               :maxretry => new_resource.maxretry,
               :ignoreips => new_resource.ignoreips
   end
               :maxretry => new_resource.maxretry,
               :ignoreips => new_resource.ignoreips
   end