Changes

From SME Server
Jump to navigationJump to search

Talk:Fail2ban (view source)

Revision as of 04:43, 19 August 2017

1,946 bytes added ,  04:43, 19 August 2017
install fail2ban-subnets
Line 1: Line 1:  +
 +
==Proposed addition to "user contributions" section==
 +
[[User:Mmccarn|Mmccarn]] ([[User talk:Mmccarn|talk]]) 04:43, 19 August 2017 (CEST)
 +
 +
Note: these procedures get the files installed and allow fail2ban and fail2ban-subnets to run without any errors, but I don't know if fail2ban is actually working after making these changes...
 +
 +
===Ban offending subnets===
 +
[https://forums.contribs.org/index.php/topic,51127.msg276126.html#msg276126 Holck found a reference] to an add-on for fail2ban that bans subnets with repeated offences from multiple IPs.
 +
 +
"[https://github.com/XaF/fail2ban-subnets fail2ban-subnets] aims to provide a way to ban subnets of IPs repeatingly banned by fail2ban for multiple offenses."
 +
 +
====Prerequisites====
 +
* [[Fail2ban#Installation_sme8_and_sme9]]
 +
* Git
 +
 +
====Installation====
 +
<nowiki>mkdir -p ~/addons
 +
cd ~/addons
 +
git clone https://github.com/XaF/fail2ban-subnets.git
 +
# mkdir -p /etc/fail2ban/action.d.local /etc/fail2ban/filter.d.local
 +
cp ~/addons/fail2ban-subnets/action.d.local/iptables-subnet.conf /etc/fail2ban/action.d/iptables-subnet.local
 +
cp ~/addons/fail2ban-subnets/filter.d.local/subnets.conf /etc/fail2ban/filter.d/subnets.local
 +
cat ~/addons/fail2ban-subnets/jail.local >> /etc/fail2ban/jail.local
 +
service fail2ban restart
 +
</nowiki>
 +
 +
====Test====
 +
<nowiki>cd ~/addons/fail2ban-subnets
 +
perl fail2ban-subnets.py
 +
</nowiki>
 +
 +
====Activate hourly updates====
 +
cp ~/addons/fail2ban-subnets/fail2ban-subnets.py /etc/cron.hourly
 +
 +
====Remove====
 +
<nowiki># remove the custom action and filter
 +
'rm' /etc/fail2ban/action.d/iptables-subnet.local
 +
'rm' /etc/fail2ban/filter.d/subnets.local
 +
#
 +
# if you have other fail2ban custom jails you may need to edit /etc/fail2ban/jail.local
 +
# otherwise, you can remove the entire file using
 +
#
 +
'rm' /etc/fail2ban/jail.local
 +
#
 +
# remove the hourly cron job
 +
'rm' /etc/cron.hourly/fail2ban-subnets.py
 +
#
 +
# restart fail2ban
 +
signal-event fail2ban-conf
 +
service fail2ban restart
 +
</nowiki>
 +
 +
 +
==Proposed update for the checklist_ban script==
 
[[User:Mmccarn|Mmccarn]] ([[User talk:Mmccarn|talk]]) 14:54, 7 May 2017 (CEST)
 
[[User:Mmccarn|Mmccarn]] ([[User talk:Mmccarn|talk]]) 14:54, 7 May 2017 (CEST)
* Proposed update for the checklist_ban script:
+
 
 
  <nowiki>#!/bin/bash
 
  <nowiki>#!/bin/bash
 
#lancer le script en sudo
 
#lancer le script en sudo
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/33883"

Navigation menu