Difference between revisions of "Fail2ban Vuurmuur"

From MS Computech
Jump to: navigation, search
Line 2: Line 2:
 
<pre>apt-get install fail2ban
 
<pre>apt-get install fail2ban
 
nano /etc/fail2ban/action.d/vuurmuur.conf</pre>
 
nano /etc/fail2ban/action.d/vuurmuur.conf</pre>
# Fail2Ban configuration file<br>#<br>#
+
<pre>
 +
#Fail2Ban configuration file
 +
#
 +
#
  
 
[Definition]
 
[Definition]
  
# Option: actionban<br># Notes.: command executed when banning an IP. Take care that the<br># command is executed with Fail2Ban user rights.<br># Tags: &lt;ip&gt; IP address<br># &lt;failures&gt; number of failures<br># &lt;time&gt; unix timestamp of the ban time<br># Values: CMD<br>#<br>actionban = vuurmuur_script --block &lt;ip&gt; --apply
+
#Option: actionban
 
+
#Notes.: command executed when banning an IP. Take care that the
# Option: actionunban<br># Notes.: command executed when unbanning an IP. Take care that the<br># command is executed with Fail2Ban user rights.<br># Tags: &lt;ip&gt; IP address<br># &lt;failures&gt; number of failures<br># &lt;time&gt; unix timestamp of the ban time<br># Values: CMD<br>#<br>actionunban = vuurmuur_script --unblock &lt;ip&gt; --apply<br>
+
#         command is executed with Fail2Ban user rights.
 
+
#Tags:   <ipIP address
 
+
#          <failures> number of failures
 +
#          <time> unix timestamp of the ban time
 +
#Values: CMD
 +
#
 +
actionban = vuurmuur_script --block <ip> --apply
  
 +
#Option:  actionunban
 +
#Notes.:  command executed when unbanning an IP. Take care that the
 +
#          command is executed with Fail2Ban user rights.
 +
#Tags:    <ip>  IP address
 +
#          <failures>  number of failures
 +
#          <time>  unix timestamp of the ban time
 +
#Values:  CMD
 +
#
 +
actionunban = vuurmuur_script --unblock <ip> --apply
 +
</pre>
 
The parameter –apply makes the rule active and reloads vuurmuurs configuration. Open /etc/fail2ban/jail.conf in your favorite editor and search the option banaction and change it as follows:  
 
The parameter –apply makes the rule active and reloads vuurmuurs configuration. Open /etc/fail2ban/jail.conf in your favorite editor and search the option banaction and change it as follows:  
 
<pre>nano /etc/fail2ban/jail.conf
 
<pre>nano /etc/fail2ban/jail.conf

Revision as of 01:24, 27 May 2009

Fail2ban + Vuurmuur 

apt-get install fail2ban
nano /etc/fail2ban/action.d/vuurmuur.conf
#Fail2Ban configuration file
#
#

[Definition]

#Option:  actionban
#Notes.:  command executed when banning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
#Tags:    <ip>  IP address
#          <failures>  number of failures
#          <time>  unix timestamp of the ban time
#Values:  CMD
#
actionban = vuurmuur_script --block <ip> --apply

#Option:  actionunban
#Notes.:  command executed when unbanning an IP. Take care that the
#          command is executed with Fail2Ban user rights.
#Tags:    <ip>  IP address
#          <failures>  number of failures
#          <time>  unix timestamp of the ban time
#Values:  CMD
#
actionunban = vuurmuur_script --unblock <ip> --apply

The parameter –apply makes the rule active and reloads vuurmuurs configuration. Open /etc/fail2ban/jail.conf in your favorite editor and search the option banaction and change it as follows: 

nano /etc/fail2ban/jail.conf
banaction = vuurmuur

source

Retrieved from "https://msc.siamtools.com/wiki/index.php?title=Fail2ban_Vuurmuur&oldid=437"