Changes

From SME Server
Jump to navigationJump to search

Fail2ban (view source)

Revision as of 19:49, 24 June 2013

863 bytes added ,  19:49, 24 June 2013
→‎DB command
Line 62: Line 62:  
     Mail=enabled
 
     Mail=enabled
 
     status=enabled
 
     status=enabled
 +
 +
===Use Fail2ban===
 +
*List all jails
 +
[root@sme8 ~]# fail2ban-client status
 +
Status
 +
|- Number of jail: 10
 +
`- Jail list: http-overflows, http-noscript, http-auth, sogo, pam-generic, ssh-ddos, http-scan, ssh, qpsmtpd, recidive
 +
 +
*List IP banned from a specific jail
 +
[root@sme8 ~]# fail2ban-client status ssh
 +
choose the specific jail with the command above which enumerate the Jail-list.
 +
 +
*Play with a script which list How many ip are banned from all jails
 +
 +
nano /root/checklist_ban
 +
 +
#!/bin/bash
 +
#lancer le script en sudo
 +
JAILS=$(fail2ban-client status | grep " Jail list:" | sed 's/`- Jail list:\t\t//g' | sed 's/,//g')
 +
for j in $JAILS
 +
do
 +
echo "$j $(fail2ban-client status $j | grep " Currently banned:" | sed 's/  |- Currently banned:\t//g')"
 +
done
 +
 +
chmod 700 /root/checklist_ban
 +
 +
to launch the script, do the following command:
 +
/root/checklist_ban
    
===Jail.conf===
 
===Jail.conf===
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/20586"

Navigation menu