teimur8
5/14/2018 - 9:27 AM

fail2ban centos 7

# https://www.8host.com/blog/zashhita-ssh-s-pomoshhyu-fail2ban-centos-6/
[DEFAULT]
ignoreip = 127.0.0.1
bantime  = 3600
findtime  = 600
maxretry = 3

[ssh-iptables]
enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
# sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com]
logpath = %(sshd_log)s
maxretry = 5


systemctl reload fail2ban
tail -f /var/log/fail2ban.log
iptables -L


service fail2ban status



systemctl enable fail2ban


## https://losst.ru/nastrojka-fail2ban-centos-7
## https://www.dmosk.ru/instruktions.php?object=fail2ban
#
#cat /etc/fail2ban/jail.conf
#[sshd]
#enabled = true
#port = ssh
#logpath = %(sshd_log)s
#backend = %(sshd_backend)s