Skip to content

Instantly share code, notes, and snippets.

@diyfr
Last active February 16, 2018 10:25
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Docker & Fail2ban (tests)
#/etc/fail2ban/filter.d/docker-gogs-sshd.conf
[INCLUDES]
before = common.conf
[Definition]
_daemon = sshd
failregex = .+sshd.+User .+ from <HOST> not allowed because not listed in AllowUsers\s*.+$
.+sshd.+(?:llegal|nvalid) user .* from <HOST>\s*.+$
.+sshd.+User .+ from <HOST> not allowed because listed in DenyUsers\s*.+$
.+sshd.+User .+ from <HOST> not allowed because not in any group\s*.+$
.+sshd.+refused connect from \S+ \(<HOST>\)\s*.+$
.+sshd.+Received disconnect from <HOST>: 3: \S+: Auth fail.+$
.+sshd.+User .+ from <HOST> not allowed because a group is listed in DenyGroups\s*.+$
.+sshd.+User .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\s*.+$
ignoreregex =
[Init]
maxlines = 10
journalmatch = _SYSTEMD_UNIT=sshd.service + _COMM=sshd
#/etc/fail2ban/jail.d/gogs_sshd.conf
[gogs_sshd]
enabled = true
port = ssh,http,https
filter = docker-gogs-sshd
action = iptables-allports
maxretry=3
logpath = /var/lib/docker/containers/*/*-json.log
## NOTES : http://www.the-lazy-dev.com/en/install-fail2ban-with-docker/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment