Skip to content

Instantly share code, notes, and snippets.

@hugsbrugs

hugsbrugs/jail.local

Last active March 8, 2016 17:31
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hugsbrugs/a66e7eaa102a1e266014 to your computer and use it in GitHub Desktop.
Save hugsbrugs/a66e7eaa102a1e266014 to your computer and use it in GitHub Desktop.
Download ZIP
Memo Linux fail2ban
Raw
jail.local
[DEFAULT]
ignoreip = 127.0.0.1/8 YOUR_IP
banaction = ufw
bantime = 1800
destemail = your.name@mail.com
sendername = Fail2Ban
action = %(action_mwl)s
[sshd]
enabled = true
#banaction = ufw[application=OpenSSH, port=ssh, protocol=tcp]
# Get 'OpenSSH' from command : sudo ufw app list
banaction = ufw[application=OpenSSH]
# Not needed if rule has same name as filter (sshd)
#filter = sshd
bantime = 86400
findtime = 300
maxretry = 2
port = ssh
#logpath = /var/log/auth.log
[apache-auth]
enabled = true
log_path = /var/log/apache2/*error.log
/var/www/logs/*error_log
Raw
linux-fail2ban.sh
# service
sudo service fail2ban status
sudo service fail2ban start
sudo service fail2ban stop
# Reload config
sudo fail2ban-client reload
# Check running services
sudo fail2ban-client status
# Check specific service (sshd, apache-auth ...)
sudo fail2ban-client status <service>
# Ping fail2ban server
sudo fail2ban-client ping
# Server status
sudo fail2ban-server status
# Reload server
sudo fail2ban-server reload
# Debug config
sudo fail2ban-client -v -d
# Logs
sudo tail -f /var/log/fail2ban.log
# Run filter again log file to test rules
sudo fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf
# Manually ban/unbad IP from service (sshd, apache-auth ...)
sudo fail2ban-client set <service> banip 111.111.111.111
sudo fail2ban-client set <service> unbanip 111.111.111.111
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment