This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
linux:ubuntu:fail2ban [2018/01/08 10:18] – lunetikk | linux:ubuntu:fail2ban [2019/10/29 10:45] (current) – lunetikk | ||
---|---|---|---|
Line 31: | Line 31: | ||
port = 22 | port = 22 | ||
filter | filter | ||
+ | # | ||
+ | # | ||
logpath | logpath | ||
maxretry = 3 | maxretry = 3 | ||
+ | |||
+ | [vsftpd] | ||
+ | |||
+ | enabled | ||
+ | port = ftp, | ||
+ | filter | ||
+ | logpath | ||
+ | # or overwrite it in jails.local to be | ||
+ | # logpath = / | ||
+ | # if you want to rely on PAM failed login attempts | ||
+ | # vsftpd' | ||
+ | maxretry = 3 | ||
+ | |||
+ | |||
+ | # To log wrong MySQL access attempts add to / | ||
+ | # log-error=/ | ||
+ | # log-warning = 2 | ||
+ | [mysqld-auth] | ||
+ | |||
+ | enabled | ||
+ | filter | ||
+ | port = 3306 | ||
+ | logpath | ||
+ | |||
+ | [repeatoffender] | ||
+ | |||
+ | enabled | ||
+ | filter | ||
+ | action | ||
+ | | ||
+ | logpath | ||
+ | maxretry = 3 | ||
+ | #findtime is 365 days | ||
+ | findtime = 31536000 | ||
+ | bantime | ||
+ | |||
+ | </ | ||
+ | |||
+ | ===== Abusemails ===== | ||
+ | |||
+ | Click the following link for more info about abuse automatisation\\ | ||
+ | [[linux: | ||
+ | |||
+ | ===== Commands ===== | ||
+ | |||
+ | ==== Unban ==== | ||
+ | |||
+ | < | ||
+ | fail2ban-client set < | ||
+ | #example | ||
+ | fail2ban-client set ssh unbanip 192.168.178.1 | ||
+ | </ | ||
+ | |||
+ | ==== Ban ==== | ||
+ | |||
+ | < | ||
+ | fail2ban-client set < | ||
+ | #example | ||
+ | fail2ban-client set ssh banip 192.168.178.1 | ||
</ | </ | ||
+ | |||
+ | ==== Other ==== | ||
+ | |||
+ | Get a list of commands | ||
+ | < | ||
+ | |||
+ | ===== Troubleshooting ===== | ||
+ | |||
+ | ==== IP gets banned everytime ==== | ||
+ | |||
+ | An IP listed in " | ||
+ | |||
+ | __Reason:__ \\ | ||
+ | The IP was banned before you added it to " | ||
+ | |||
+ | __Fix:__ \\ | ||
+ | The IP is added to the file " | ||
+ | Open the file and remove the IP. | ||
+ | |||
+ |