Add missing banaction_allports setting to update settings function

internal/config/settings.go

@@ -756,13 +756,16 @@ func ensureJailLocalStructure() error {
 		existingContent = string(content)
 	}
 
-	// Check if file already has our banner (indicating it's already structured)
-	hasBanner := strings.Contains(existingContent, "Fail2Ban-UI") || strings.Contains(existingContent, "fail2ban-ui")
+	// Check if file already has our full banner (indicating it's already properly structured)
+	// Check for the complete banner pattern with hash line separators
+	hasFullBanner := strings.Contains(existingContent, "################################################################################") &&
+		strings.Contains(existingContent, "Fail2Ban-UI Managed Configuration") &&
+		strings.Contains(existingContent, "DO NOT EDIT THIS FILE MANUALLY")
 	hasActionMwlg := strings.Contains(existingContent, "action_mwlg") && strings.Contains(existingContent, "ui-custom-action")
 	hasActionOverride := strings.Contains(existingContent, "action = %(action_mwlg)s")
 
 	// If file is already properly structured, just ensure DEFAULT section is up to date
-	if hasBanner && hasActionMwlg && hasActionOverride {
+	if hasFullBanner && hasActionMwlg && hasActionOverride {
 		DebugLog("jail.local already has proper structure, updating DEFAULT section if needed")
 		// Update DEFAULT section values without changing structure
 		return updateJailLocalDefaultSection(settings)
@@ -848,14 +851,30 @@ func updateJailLocalDefaultSection(settings AppSettings) error {
 	inDefault := false
 	defaultUpdated := false
 
+	// Convert IgnoreIPs array to space-separated string
+	ignoreIPStr := strings.Join(settings.IgnoreIPs, " ")
+	if ignoreIPStr == "" {
+		ignoreIPStr = "127.0.0.1/8 ::1"
+	}
+	// Set default banaction values if not set
+	banaction := settings.Banaction
+	if banaction == "" {
+		banaction = "iptables-multiport"
+	}
+	banactionAllports := settings.BanactionAllports
+	if banactionAllports == "" {
+		banactionAllports = "iptables-allports"
+	}
 	// Keys to update
 	keysToUpdate := map[string]string{
-		"bantime.increment": fmt.Sprintf("bantime.increment = %t", settings.BantimeIncrement),
-		"ignoreip":          fmt.Sprintf("ignoreip = %s", strings.Join(settings.IgnoreIPs, " ")),
-		"bantime":           fmt.Sprintf("bantime = %s", settings.Bantime),
-		"findtime":          fmt.Sprintf("findtime = %s", settings.Findtime),
-		"maxretry":          fmt.Sprintf("maxretry = %d", settings.Maxretry),
-		"destemail":         fmt.Sprintf("destemail = %s", settings.Destemail),
+		"bantime.increment":  fmt.Sprintf("bantime.increment = %t", settings.BantimeIncrement),
+		"ignoreip":           fmt.Sprintf("ignoreip = %s", ignoreIPStr),
+		"bantime":            fmt.Sprintf("bantime = %s", settings.Bantime),
+		"findtime":           fmt.Sprintf("findtime = %s", settings.Findtime),
+		"maxretry":           fmt.Sprintf("maxretry = %d", settings.Maxretry),
+		"destemail":          fmt.Sprintf("destemail = %s", settings.Destemail),
+		"banaction":          fmt.Sprintf("banaction = %s", banaction),
+		"banaction_allports": fmt.Sprintf("banaction_allports = %s", banactionAllports),
 	}
 	keysUpdated := make(map[string]bool)
 

internal/fail2ban/connector_ssh.go

@@ -793,22 +793,23 @@ settings = {
     'banaction_allports': banaction_allports_val
 }
 
-# Check if file already has our banner
-has_banner = False
+# Check if file already has our full banner (indicating it's already properly structured)
+has_full_banner = False
 has_action_mwlg = False
 has_action_override = False
 
 try:
     with open(jail_file, 'r') as f:
         content = f.read()
-        has_banner = 'Fail2Ban-UI' in content or 'fail2ban-ui' in content
+        # Check for the complete banner pattern with hash line separators
+        has_full_banner = '################################################################################' in content and 'Fail2Ban-UI Managed Configuration' in content and 'DO NOT EDIT THIS FILE MANUALLY' in content
         has_action_mwlg = 'action_mwlg' in content and 'ui-custom-action' in content
         has_action_override = 'action = %%(action_mwlg)s' in content
 except FileNotFoundError:
     pass
 
 # If already properly structured, just update DEFAULT section
-if has_banner and has_action_mwlg and has_action_override:
+if has_full_banner and has_action_mwlg and has_action_override:
     try:
         with open(jail_file, 'r') as f:
             lines = f.readlines()
@@ -862,6 +863,8 @@ if has_banner and has_action_mwlg and has_action_override:
             ('findtime', 'findtime = ' + settings['findtime']),
             ('maxretry', 'maxretry = ' + str(settings['maxretry'])),
             ('destemail', 'destemail = ' + settings['destemail']),
+            ('banaction', 'banaction = ' + settings['banaction']),
+            ('banaction_allports', 'banaction_allports = ' + settings['banaction_allports']),
         ]:
             if key not in keys_updated:
                 for i, output_line in enumerate(output_lines):