ubuntu linux fail2ban相关信息和教程
安装fail2bank- sudo apt update && sudo apt install fail2ban
- sudo systemctl status fail2ban
- /etc/fail2ban/jail.conf
- /etc/fail2ban/jail.d/defaults-debian.conf
备份配置文件
- sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.conf_backup
配置文件复制一份并全名*.local后缀.
- sudo cp /etc/fail2ban/jail.{conf,local}
[sshd] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 3 bantime = 1000d
修改完后重启fail2ban
- sudo systemctl restart fail2ban
解封ip
- sudo fail2ban-client set sshd unbanip 1.1.1.1
- sudo fail2ban-client set sshd unbanip 1.1.1.1
fail2ban-client status- Status
- |- Number of jail: 2
- `- Jail list: sshd, vsftpd-iptables
fail2ban-client status sshd
- Status for the jail: sshd
- |- Filter
- | |- Currently failed: 0
- | |- Total failed: 0
- | `- File list: /var/log/auth.log
- `- Actions
- |- Currently banned: 0
- |- Total banned: 0
- `- Banned IP list:
fail2ban-client status vsftpd-iptables命令查看 vsftpd相关的信息(banned ip之类):
- Status for the jail: vsftpd-iptables
- |- Filter
- | |- Currently failed: 0
- | |- Total failed: 0
- | `- File list: /var/log/vsftpd.log
- `- Actions
- |- Currently banned: 0
- |- Total banned: 0
- `- Banned IP list:
查看fai2ban ssh相应的log在那个位置- fail2ban-client status sshd
fail2ban auth.log位置
| 
发表于 2020-9-25 13:49:42
