Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
home_server:home_server_setup:other_services:fail2ban [2019-12-26 Thu wk52 11:23] baumkphome_server:home_server_setup:other_services:fail2ban [2023-04-30 Sun wk17 17:43] (current) – external edit 127.0.0.1
Line 5: Line 5:
   *''sudo apt install fail2ban'' to install fail2ban   *''sudo apt install fail2ban'' to install fail2ban
   *''sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local'' copy the main configuration file to a local file to be modified.  It is recommended not to change the main file as it is updated with the package.   *''sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local'' copy the main configuration file to a local file to be modified.  It is recommended not to change the main file as it is updated with the package.
-  *+  *''sudo vim /etc/fail2ban/jail.local'' and adjust the following basic settings: 
 +    *''ignoreip = 127.0.0.1/8 ::1 192.168.1.0/24'' 
 +    *''bantime  = 60m'' 
 +    *''findtime  = 60m'' 
 +    *''maxretry = 4'' 
 +  *then adjust each jail to be activated: 
 +    *<code postfix> 
 +[postfix] 
 +# To use another modes set filter parameter "mode" in jail.local: 
 +enable  = true 
 +mode    = more 
 +bantime = 12h 
 +port    = smtp,465,submission 
 +logpath = %(postfix_log)s 
 +backend = %(postfix_backend)s </code> 
 +    *<code> 
 +[postfix-sasl] 
 +enabled  = true 
 +bantime  = 12h 
 +filter   = postfix[mode=auth] 
 +port     = smtp,465,submission,imap,imaps,pop3,pop3s 
 +# You might consider monitoring /var/log/mail.warn instead if you are 
 +# running postfix since it would provide the same log lines at the 
 +# "warn" level but overall at the smaller filesize. 
 +logpath  = %(postfix_log)s 
 +backend  = %(postfix_backend)s</code> 
 +  *''sudo systemctl restart fail2ban'' 
 +  *''sudo systemctl restart fail2ban'' or ''journalctl -u fail2ban -xe'' to check fail2ban start correctly 
 +  *''sudo iptables -S'' to check iptable 
  
 ---- ----
-===Home Server Index=== 
-++++Home Server Index|<pagelist&header> 
-*[[home_server:home_server_setup:summary]] 
-*[[home_server:home_server_setup:home_it_setup]] 
-*[[home_server:home_server_setup:Network_setup]] 
-*[[home_server:home_server_setup:kvm]] 
-*[[home_server:home_server_setup:vnc_setup]] 
-*[[home_server:home_server_setup:disk_check]] 
-*[[home_server:home_server_setup:other_services]] 
-</pagelist>++++ 
  
-===Home Server Other Index=== 
-++++Home Server Other Index|<pagelist&header> 
-*[[home_server:home_server_setup:other_services:index]] 
-*[[home_server:home_server_setup:other_services:timedate]] 
-*[[home_server:home_server_setup:other_services:aptcache]] 
-*[[home_server:home_server_setup:other_services:swap]] 
-*[[home_server:home_server_setup:other_services:bash]] 
-*[[home_server:home_server_setup:other_services:vim]] 
-*[[home_server:home_server_setup:other_services:symlinks]] 
-*[[home_server:home_server_setup:other_services:fail2ban]] 
-*[[home_server:home_server_setup:other_services:monit]] 
-*[[home_server:home_server_setup:other_services:tripwire]] 
-*[[home_server:home_server_setup:other_services:misc]] 
-</pagelist>++++ 
  
 <- home_server:home_server_setup:other_services:symlinks|Prev ^ home_server:home_server_setup:other_services:index|Start page ^ home_server:home_server_setup:other_services:monit|Next -> <- home_server:home_server_setup:other_services:symlinks|Prev ^ home_server:home_server_setup:other_services:index|Start page ^ home_server:home_server_setup:other_services:monit|Next ->