Site Tools


linux:ubuntu:fail2ban

This is an old revision of the document!


Fail2Ban

Installation

apt-get install fail2ban

Configuration

“jail.conf” maybe gets overwritten by updates. Create your own config file

cp -a /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Things you should edit

#Add any IP which you want NOT to be banned, use space for seperation
ignoreip = 127.0.0.1/8 192.168.178.1

# "bantime" is the number of seconds that a host is banned.
bantime  = 86400

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 1200
maxretry = 3

#Add this to check your ssh login attempts
[ssh]

enabled  = true
#port     = ssh
port     = 22
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 3

Commands

Unban

fail2ban-client set <JAIL> unbanip <IP>
#example
fail2ban-client set ssh unbanip 192.168.178.1 

Ban

fail2ban-client set <JAIL> banip <IP>
#example
fail2ban-client set ssh banip 192.168.178.1  

Other

Get a list of commands

fail2ban-client --help

linux/ubuntu/fail2ban.1515407442.txt.gz · Last modified: 2018/01/08 11:30 by lunetikk