Fail2Ban (Debian): Unterschied zwischen den Versionen
Aus MattWiki
Matt (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „Anleitung für Einrichtung von Fail2Ban in Debian. == Installation == apt-get install fail2ban == Konfiguration == Für die Anpassung der Regeln eine neue …“) |
Matt (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
||
| Zeile 32: | Zeile 32: | ||
Use iptables -L -n to find the rule name... | Use iptables -L -n to find the rule name... | ||
...then use fail2ban-client status to get the actual jail names. The rule name and jail name may not be the same but it should be clear which one is related to which. | ...then use fail2ban-client status to get the actual jail names. The rule name and jail name may not be the same but it should be clear which one is related to which. | ||
[[Category:Debian]] | |||
[[Category:Linux]] | |||
Version vom 12. April 2016, 23:02 Uhr
Anleitung für Einrichtung von Fail2Ban in Debian.
Installation
apt-get install fail2ban
Konfiguration
Für die Anpassung der Regeln eine neue Datei Namens jail.local nach dem Vorbild von jail.conf anlegen, z. B.:
touch /etc/fail2ban/jail.local
Inhalt
[ssh] enabled = true port = 22 filter = sshd logpath = /var/log/auth.log maxretry = 100
Unban
With Fail2Ban before v0.8.8: fail2ban-client get YOURJAILNAMEHERE actionunban IPADDRESSHERE
With Fail2Ban v0.8.8 and later: fail2ban-client set YOURJAILNAMEHERE unbanip IPADDRESSHERE.
The hard part is finding the right jail:
Use iptables -L -n to find the rule name... ...then use fail2ban-client status to get the actual jail names. The rule name and jail name may not be the same but it should be clear which one is related to which.
