@mhingston
Last active April 13, 2016 17:59
Fail2ban permanent bans

/etc/fail2ban/jail.local

Add to JAILS section:

[ip-blacklist]

enabled   = true
banaction = iptables-allports
port      = anyport
filter    = ip-blacklist
logpath   = /etc/fail2ban/ip.blacklist
maxretry  = 0
findtime  = 15552000
bantime   = -1

/etc/fail2ban/filter.d/ip-blacklist.conf

[Definition]

# Option:  failregex
# Notes :  Detection of blocked ip addresses.
# Values:  TEXT
#

failregex = ^<HOST> \[.*\]$

# Option:  datepattern
# Notes:   Detection of date entry.
# Values:  TEXT
#

datepattern = %d/%m/%Y %H:%M:%S

# Option:  ignoreregex
# Notes :  Regex to ignore.
# Values:  TEXT
#

ignoreregex =

/etc/fail2ban/ip.blacklist

Put the IP addresses to ban here, each followed by a timestamp in the date format specified above, e.g.:

1.2.3.4 [01/01/2016 00:00:00]

Restart fail2ban:

service fail2ban restart
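
The blacklist only works if every line parses with the `datepattern` above and carries a date inside the jail's `findtime` window (15552000 seconds, 180 days), because fail2ban only counts failures dated within `findtime`. The checker below is an added example, not part of the original gist: the function name `check_blacklist`, the sample lines and the fixed "now" are constructed for illustration, and it accepts only literal IP addresses, which is stricter than fail2ban's `<HOST>`.

```python
import ipaddress
import re
from datetime import datetime, timedelta

FINDTIME = timedelta(seconds=15552000)  # findtime from the jail (180 days)
DATE_FORMAT = "%d/%m/%Y %H:%M:%S"       # datepattern from the filter
# Assumed line shape: "<ip> [<date>]", as in the blacklist example above.
LINE_RE = re.compile(r"^(?P<host>\S+) \[(?P<stamp>[^\]]*)\]$")

# Constructed sample file contents (illustrative addresses, not indicators).
SAMPLE = [
    "1.2.3.4 [01/01/2016 00:00:00]",       # valid and inside the window
    "192.0.2.10 [01/01/2015 00:00:00]",    # valid format, but too old
    "192.0.2.999 [01/04/2016 12:00:00]",   # octet out of range
    "198.51.100.7 [2016-04-01 12:00:00]",  # wrong date layout
    "198.51.100.8 01/04/2016 12:00:00",    # missing brackets
]


def check_blacklist(lines, now):
    """Return (usable, problems) for the lines of an ip.blacklist file."""
    usable, problems = [], []
    for number, raw in enumerate(lines, start=1):
        line = raw.strip()
        if not line:
            continue  # blank lines are skipped
        match = LINE_RE.match(line)
        if match is None:
            problems.append((number, "not in '<ip> [date]' form"))
            continue
        try:
            ip = ipaddress.ip_address(match.group("host"))
        except ValueError:
            problems.append((number, "invalid IP address"))
            continue
        try:
            stamp = datetime.strptime(match.group("stamp"), DATE_FORMAT)
        except ValueError:
            problems.append((number, "date does not match datepattern"))
            continue
        if now - stamp > FINDTIME:
            problems.append((number, "older than findtime"))
        else:
            usable.append((str(ip), stamp))
    return usable, problems


if __name__ == "__main__":
    ok, bad = check_blacklist(SAMPLE, datetime(2016, 4, 13, 18, 0, 0))
    print(ok, bad, sep="\n")
```

To check the real file, pass `open("/etc/fail2ban/ip.blacklist")` and `datetime.now()` instead of the sample values.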