Changes

From SME Server
Jump to navigationJump to search

Fail2ban (view source)

Revision as of 17:04, 5 April 2020

520 bytes removed ,  17:04, 5 April 2020
→‎Installation sme9
Line 9: Line 9:  
mailto:daniel@firewall-services.com
 
mailto:daniel@firewall-services.com
   −
Please discuss, provide feedback and share epxeriences on the forums [http://forums.contribs.org/index.php/topic,51127.0.html '''here''']
+
Please discuss, provide feedback and share experiences on the forums [http://forums.contribs.org/index.php/topic,51127.0.html '''here''']
    
== Description ==
 
== Description ==
Line 20: Line 20:     
== Requirements ==
 
== Requirements ==
This contrib has been developped and tested on SME Server 8 and later. It probably won't work on SME 7.
+
This contrib has been developed and tested on SME Server 8 and later.
       
{{Note box|The SME feature [http://wiki.contribs.org/AutoBlock AutoBlock SSH] should be disabled to ensure that fail2ban controls SSH traffic and not the SME build-in firewall.}}
 
{{Note box|The SME feature [http://wiki.contribs.org/AutoBlock AutoBlock SSH] should be disabled to ensure that fail2ban controls SSH traffic and not the SME build-in firewall.}}
   −
== Installation sme8 and sme9 ==
+
==Koozali SME v9==
Configure Firewall-Services's repository:
+
{{#smeversion: smeserver-fail2ban}}
 
  −
db yum_repositories set fws repository \
  −
BaseURL http://repo.firewall-services.com/centos/\$releasever \
  −
EnableGroups no GPGCheck yes \
  −
Name "Firewall Services" \
  −
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
  −
Visible yes status disabled
  −
 
      +
== Installation sme9 ==
 
Configure EPEL's repository:
 
Configure EPEL's repository:
For SME 8.x,
  −
  −
/sbin/e-smith/db yum_repositories set epel repository \
  −
Name 'Epel - EL5' \
  −
BaseUrl 'http://download.fedoraproject.org/pub/epel/5/$basearch' \
  −
MirrorList 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch' \
  −
EnableGroups no \
  −
GPGCheck yes \
  −
GPGKey http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL \
  −
Visible no \
  −
status disabled
      
<onlyinclude>{{#ifeq:{{{transcludesection|epel9}}}|epel9|
 
<onlyinclude>{{#ifeq:{{{transcludesection|epel9}}}|epel9|
Line 66: Line 48:  
*install the rpms
 
*install the rpms
   −
  yum --enablerepo=fws --enablerepo=epel install smeserver-fail2ban
+
  yum --enablerepo=smecontribs --enablerepo=epel install smeserver-fail2ban
      Line 95: Line 77:     
==DB command==
 
==DB command==
there is no panel yet you can manage the contrib by the db configuration, it is quite simple
+
While there is a panel in the server-manager, you can also manage the contrib by the db configuration, it is quite simple
    
  # config show fail2ban  
 
  # config show fail2ban  
Line 388: Line 370:  
Paste this
 
Paste this
 
  <nowiki>#!/bin/bash
 
  <nowiki>#!/bin/bash
echo -e \
+
      echo -e \
"IP            \t"\
+
      "IP            \t"\
"BanTime            \t"\
+
      "BanTime            \t"\
"UnbanTime          \t"\
+
      "UnbanTime          \t"\
"Jail"
+
      "Jail"
+
     
for ban in $(db fail2ban show |awk -F\= ' $2=="ban" {print $1}');  
+
      for ban in $(db fail2ban show |awk -F\= ' $2=="ban" {print $1}');  
  do
+
        do
    IP=$(db fail2ban getprop $ban Host)
+
          IP=$(db fail2ban getprop $ban Host)
    Bantime=$(date +"%F %T" -d @$(db fail2ban getprop $ban BanTimestamp))
+
          Bantime=$(date +"%F %T" -d @$(db fail2ban getprop $ban BanTimestamp))
    UnBanTime=$(date +"%F %T" -d @$(db fail2ban getprop $ban UnbanTimestamp))
+
          UnBanTime=$(date +"%F %T" -d @$(db fail2ban getprop $ban UnbanTimestamp))
    LastJail=$(zgrep -H "Ban $IP" $(find /var/log/fail2ban -type f -ctime -7) |tail -1 |awk '{print $6}')  
+
          LastJail=$(zgrep -H "Ban $IP" $(find /var/log/fail2ban -type f -ctime -7) |tail -1 |awk '{print $6}')  
+
     
    printf "%-15s" "$IP"
+
          printf "%-15s" "$IP"
    echo -e "\t$Bantime\t$UnBanTime\t$LastJail"
+
          echo -e "\t$Bantime\t$UnBanTime\t$LastJail"
  done
+
        done
</nowiki>
+
      </nowiki>
    
save, then make executable
 
save, then make executable
Line 413: Line 395:  
Output:
 
Output:
 
  <nowiki>IP            BanTime            UnbanTime          Jail
 
  <nowiki>IP            BanTime            UnbanTime          Jail
46.246.39.228  2017-09-09 18:45:00 2017-09-10 18:45:00 [http-scan]
+
      46.246.39.228  2017-09-09 18:45:00 2017-09-10 18:45:00 [http-scan]
124.239.180.102 2017-09-09 12:07:32 2017-09-10 12:07:32 [http-scan]
+
      124.239.180.102 2017-09-09 12:07:32 2017-09-10 12:07:32 [http-scan]
212.237.54.93  2017-09-09 19:27:32 2017-09-10 19:27:32 [http-scan]
+
      212.237.54.93  2017-09-09 19:27:32 2017-09-10 19:27:32 [http-scan]
</nowiki>
+
      </nowiki>
    
===WordPress===
 
===WordPress===
Line 430: Line 412:  
Only released version in smecontrib are listed here.
 
Only released version in smecontrib are listed here.
   −
{{ #smechangelog: smeserver-fail2ban}}
+
{{#smechangelog: smeserver-fail2ban}}
 
----
 
----
    
[[Category: Contrib]]
 
[[Category: Contrib]]
 
[[Category: Security]]
 
[[Category: Security]]
Kruhm
227

edits

Retrieved from "https://wiki.koozali.org/Special:MobileDiff/38096...38667"

Navigation menu