obsidian_note/技术探究/Linux/Fail2ban.md
2025-12-04 09:12:56 +08:00

>https://www.cnblogs.com/liujunqiao/p/10719942.html
* yum -y install epel-release
```# fail2ban is in the EPEL repository; installing the EPEL repo makes it available```
* yum -y install fail2ban
```# install fail2ban```
* systemctl enable fail2ban
* cd /etc/fail2ban
* cp jail.conf jail.local
> You can delete all of the existing configuration and use the following instead
```
[sshd-iptables]
enabled = true
port = 22922
filter = sshd
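# the filter parameter corresponds to an entry in the filter.d directory
action = iptables[name=SSH, port=22922, protocol=tcp]
# the action parameter corresponds to an action in the action.d directory; iptables is used here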
logpath = %(sshd_log)s
backend = %(sshd_backend)s
maxretry = 3
findtime = 10m
# 3 failed attempts within 10 minutes
bantime = 60m
# connections are blocked for 60 minutes; in practice a reject rule is added to iptables
```
* systemctl start fail2ban
* systemctl status fail2ban
* fail2ban-client status
View the IPs that fail2ban has already acted on:
> iptables -nL
```
Chain f2b-SSH (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
```
* Unban an IP
```
fail2ban-client set sshd-iptables unbanip xxx.xxx.xxx.xxx
# the argument after "set" is the jail name, i.e. the [xxxx] section in jail.local, here sshd-iptables
```
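
How `maxretry`, `findtime` and `bantime` from the `[sshd-iptables]` jail interact, as an added example that is not part of the original note and not fail2ban's own code. It is a simplified model: the log lines, the regex and the `simulate` function are constructed for illustration, and an English locale is assumed for month names.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values taken from the [sshd-iptables] jail in this note
MAXRETRY = 3
FINDTIME = timedelta(minutes=10)
BANTIME = timedelta(minutes=60)

# Simplified pattern (assumption): this is NOT fail2ban's real sshd filter
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

# Constructed sample lines in /var/log/secure style (documentation IP ranges)
SAMPLE_LOG = """\
Dec  4 09:00:01 host sshd[2001]: Failed password for root from 203.0.113.5 port 40001 ssh2
Dec  4 09:00:30 host sshd[2002]: Failed password for invalid user admin from 198.51.100.7 port 40002 ssh2
Dec  4 09:03:10 host sshd[2003]: Failed password for root from 203.0.113.5 port 40003 ssh2
Dec  4 09:08:00 host sshd[2004]: Accepted password for alice from 192.0.2.20 port 40004 ssh2
Dec  4 09:09:59 host sshd[2005]: Failed password for root from 203.0.113.5 port 40005 ssh2
Dec  4 09:11:00 host sshd[2006]: Failed password for invalid user admin from 198.51.100.7 port 40006 ssh2
Dec  4 09:21:30 host sshd[2007]: Failed password for invalid user admin from 198.51.100.7 port 40007 ssh2
"""

def simulate(log_text, year=2025):
    """Return {ip: (banned_at, unbanned_at)} under the jail settings above."""
    recent = defaultdict(deque)  # ip -> failure times still inside findtime
    bans = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in bans and when < bans[ip][1]:
            continue  # ban still active, nothing new to count
        window = recent[ip]
        window.append(when)
        while when - window[0] > FINDTIME:
            window.popleft()  # drop failures older than findtime
        if len(window) >= MAXRETRY:
            bans[ip] = (when, when + BANTIME)
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, (start, end) in simulate(SAMPLE_LOG).items():
        print(f"{ip} banned {start:%H:%M:%S}, unbanned {end:%H:%M:%S}")
```

In the sample, 198.51.100.7 also fails three times but never three times inside one 10-minute window, so only 203.0.113.5 is banned.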