This is an old revision of the document!
apt-get install fail2ban
“jail.conf” maybe gets overwritten by updates. Create your own config file
cp -a /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Things you should edit
#Add any IP which you want NOT to be banned, use space for seperation ignoreip = 127.0.0.1/8 192.168.178.1 # "bantime" is the number of seconds that a host is banned. bantime = 86400 # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 1200 maxretry = 3 #Add this to check your ssh login attempts [ssh] enabled = true #port = ssh port = 22 filter = sshd logpath = /var/log/auth.log maxretry = 3
fail2ban-client set <JAIL> unbanip <IP> #example fail2ban-client set ssh unbanip 192.168.178.1
fail2ban-client set <JAIL> banip <IP> #example fail2ban-client set ssh banip 192.168.178.1
Get a list of commands
fail2ban-client --help