From 5fa9775ad91ab75137f851ac2663adeb8518ee99 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Wed, 24 Jan 2024 09:33:10 +0000
Subject: [PATCH] Extend search period and ban time for trackpoint jail

---
 cookbooks/fail2ban/resources/jail.rb          | 2 ++
 cookbooks/fail2ban/templates/default/jail.erb | 6 ++++++
 cookbooks/web/recipes/frontend.rb             | 2 ++
 3 files changed, 10 insertions(+)

diff --git a/cookbooks/fail2ban/resources/jail.rb b/cookbooks/fail2ban/resources/jail.rb
index 3af0960e9..c8ff950cf 100644
--- a/cookbooks/fail2ban/resources/jail.rb
+++ b/cookbooks/fail2ban/resources/jail.rb
@@ -26,6 +26,8 @@ property :filter, :kind_of => String
 property :logpath, :kind_of => String
 property :protocol, :kind_of => String
 property :ports, :kind_of => Array, :default => []
+property :bantime, :kind_of => [Integer, String]
+property :findtime, :kind_of => [Integer, String]
 property :maxretry, :kind_of => Integer
 property :ignoreips, :kind_of => Array
 
diff --git a/cookbooks/fail2ban/templates/default/jail.erb b/cookbooks/fail2ban/templates/default/jail.erb
index 91978488c..6a7e377d8 100644
--- a/cookbooks/fail2ban/templates/default/jail.erb
+++ b/cookbooks/fail2ban/templates/default/jail.erb
@@ -14,6 +14,12 @@ filter = <%= @filter %>
 <% if @logpath -%>
 logpath = <%= @logpath %>
 <% end -%>
+<% if @bantime -%>
+bantime = <%= @bantime %>
+<% end -%>
+<% if @findtime -%>
+findtime = <%= @findtime %>
+<% end -%>
 <% if @maxretry -%>
 maxretry = <%= @maxretry %>
 <% end -%>
diff --git a/cookbooks/web/recipes/frontend.rb b/cookbooks/web/recipes/frontend.rb
index 84923ee89..ec7ce92f5 100644
--- a/cookbooks/web/recipes/frontend.rb
+++ b/cookbooks/web/recipes/frontend.rb
@@ -83,6 +83,8 @@ fail2ban_jail "apache-trackpoints-timeout" do
   filter "apache-trackpoints-timeout"
   logpath "/var/log/apache2/access.log"
   ports [80, 443]
+  bantime "12h"
+  findtime "30m"
 end
 
 fail2ban_filter "apache-notes-search" do
-- 
2.39.5