fail2ban使用教程

地址

用法

apt-get update
apt-get install -y iptables
apt-get install -y fail2ban
systemctl start fail2ban
systemctl status fail2ban        # 查看fail2ban 是否正常启动
systemctl enable fail2ban

配置 vim /etc/fail2ban/jail.local

[sshd]               
enabled = true     
port = 22          
filter = sshd       
logpath = /var/log/auth.log  
maxretry = 3       
bantime = 1d

systemctl stop fail2ban
systemctl start fail2ban

查看 2022 年 10 月 16 日至 10 月 18 日的失败 ssh 登陆记录 lastb -s 2022-10-16 -t 2022-10-18 取消 ban 测试IP地址 fail2ban-client set sshd unbanip IP_ADDRESS 查看sshd的详细状态 fail2ban-client status sshd