fail2ban
This is an old revision of the document!
Table of Contents
Test jail
- /etc/fail2ban/paths-test.conf
[INCLUDES] before = paths-common.conf after = paths-overrides.local [DEFAULT] test_logs = /var/log/test*.log
- /etc/fail2ban/filter.d/testjail.conf
[INCLUDES] before = common.conf [Definition] _daemon = test failregex = ^%(__prefix_line)s.*fail2ban([ \d]*)?test IP: <HOST>.*$
- /etc/fail2ban/jail.local
[INCLUDES] before = paths-test.conf [DEFAULT] bantime = 86400 findtime = 86400 banaction = dummy action_mwl = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"] %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"] action = %(action_mwl)s [testjail] enabled = true port = ssh logpath = %(test_logs)s filter = testjail maxretry = 2
Testing:
systemctl restart fail2ban
echo "$(date +'%b %d %T') $(hostname) test: fail2ban 1 test IP: 192.168.1.15" >> /var/log/test2.log echo "$(date +'%b %d %T') $(hostname) test: fail2ban 1 test IP: 192.168.1.15" >> /var/log/test.log
Save custom config
destination=/root/temp/fail2ban.local find /etc/fail2ban -type f -name "*.local" | rsync -av --files-from=- / "$destination"/
Divers
/docs/dokuwiki/data/attic/fail2ban.1562780074.txt.gz · Last modified: 2019-07-10 19:34:34 by mi
