系统: Ubuntu 20.04.6 LTS
apt-get install fail2ban
service fail2ban status
systemctl status fail2ban.service
# 查看启用的规则
# fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: sshd
# 查看规则详情
# fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
# 重新加载配置
# fail2ban-client reload
# 重新加载单个配置
# fail2ban-client reload sshd
# 手动解禁IP
# fail2ban-client set sshd unbanip 192.168.1.1
配置目录: /etc/fail2ban
修改sshd配置 /etc/fail2ban/jail.d/sshd.conf
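# /etc/fail2ban/jail.d/sshd.conf - local overrides for the sshd jail.
[sshd]
enabled = true
mode = normal
port = ssh
filter = sshd
# Firewall action name that the stock action_ shortcut expands.
banaction = iptables
# Run the firewall ban and the custom bark action together. Additional
# actions must be indented continuation lines of "action"; a bare
# "bark[name=sshd]" line at column 0 (as the listing was printed) is not
# read as part of any value.
action = %(action_)s
         bark[name=sshd]
# Read sshd events from the systemd journal.
backend = systemd
# Two failures within one day ban the source for two weeks. With a threshold
# this low, a mistyped password can lock out an administrator for the full
# bantime, so keep ignoreip in step with where you actually log in from.
maxretry = 2
findtime = 1d
bantime = 2w
# Sources that are never banned. Only loopback is exempt here; add the fixed
# management addresses or CIDR ranges you rely on (space-separated).
ignoreip = 127.0.0.1/8
# Used by file-based backends only; with backend = systemd the journal is
# read instead and this path is not consulted.
logpath = %(sshd_log)s
# Alternative: take the distribution's default backend instead of forcing systemd.
#backend = %(sshd_backend)s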
添加bark.conf自定义action
vim /etc/fail2ban/action.d/bark.conf
# /etc/fail2ban/action.d/bark.conf - custom action that runs a script on every ban.
[Definition]
# Do not run this action for bans that fail2ban restores after a restart,
# so the script is not called again for addresses that are already banned.
norestored = 1
# Called once per ban with two arguments: "fail2ban-<name>" and the banned
# address. <name> comes from the jail's action parameter (bark[name=sshd])
# or from the [Init] default below; <ip> is filled in by fail2ban.
# NOTE(review): the script lives under /root, so this presumably runs as
# root - keep bark.py and its directory owned by root and not writable by
# anyone else, and keep any push key it uses out of world-readable files.
# NOTE(review): if more tags are added later, those built from log content
# (for example <matches>) carry text chosen by the remote client; quote or
# sanitise them before they reach a command line.
actionban = /usr/bin/python3 /root/script/bark.py fail2ban-<name> <ip>
# Left empty: nothing is run on unban, health check, jail start or jail stop.
actionunban =
actioncheck =
actionstart =
actionstop =
[Init]
# Default for <name> when the jail does not pass name=...
name = default
# No command in this file references <blocktype>, so this value has no
# effect on what the action does as shown.
blocktype = unreachable