Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision |
home_server:home_server_setup:other_services:fail2ban [2019-12-26 Thu wk52 11:23] – baumkp | home_server:home_server_setup:other_services:fail2ban [2022-12-27 Tue wk52 21:12] – [Fail2Ban] baumkp |
---|
*''sudo apt install fail2ban'' to install fail2ban | *''sudo apt install fail2ban'' to install fail2ban |
*''sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local'' copy the main configuration file to a local file to be modified. It is recommended not to change the main file as it is updated with the package. | *''sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local'' copy the main configuration file to a local file to be modified. It is recommended not to change the main file as it is updated with the package. |
* | *''sudo vim /etc/fail2ban/jail.local'' and adjust the following basic settings: |
| *''ignoreip = 127.0.0.1/8 ::1 192.168.1.0/24'' |
| *''bantime = 60m'' |
| *''findtime = 60m'' |
| *''maxretry = 4'' |
| *then adjust each jail to be activated: |
| *<code postfix> |
| [postfix] |
| # To use another modes set filter parameter "mode" in jail.local: |
| enable = true |
| mode = more |
| bantime = 12h |
| port = smtp,465,submission |
| logpath = %(postfix_log)s |
| backend = %(postfix_backend)s </code> |
| *<code> |
| [postfix-sasl] |
| enabled = true |
| bantime = 12h |
| filter = postfix[mode=auth] |
| port = smtp,465,submission,imap,imaps,pop3,pop3s |
| # You might consider monitoring /var/log/mail.warn instead if you are |
| # running postfix since it would provide the same log lines at the |
| # "warn" level but overall at the smaller filesize. |
| logpath = %(postfix_log)s |
| backend = %(postfix_backend)s</code> |
| *''sudo systemctl restart fail2ban'' |
| *''sudo systemctl restart fail2ban'' or ''journalctl -u fail2ban -xe'' to check fail2ban start correctly |
| *''sudo iptables -S'' to check iptable |
| |
---- | ---- |
===Home Server Index=== | |
++++Home Server Index|<pagelist&header> | |
*[[home_server:home_server_setup:summary]] | |
*[[home_server:home_server_setup:home_it_setup]] | |
*[[home_server:home_server_setup:Network_setup]] | |
*[[home_server:home_server_setup:kvm]] | |
*[[home_server:home_server_setup:vnc_setup]] | |
*[[home_server:home_server_setup:disk_check]] | |
*[[home_server:home_server_setup:other_services]] | |
</pagelist>++++ | |
| |
===Home Server Other Index=== | |
++++Home Server Other Index|<pagelist&header> | |
*[[home_server:home_server_setup:other_services:index]] | |
*[[home_server:home_server_setup:other_services:timedate]] | |
*[[home_server:home_server_setup:other_services:aptcache]] | |
*[[home_server:home_server_setup:other_services:swap]] | |
*[[home_server:home_server_setup:other_services:bash]] | |
*[[home_server:home_server_setup:other_services:vim]] | |
*[[home_server:home_server_setup:other_services:symlinks]] | |
*[[home_server:home_server_setup:other_services:fail2ban]] | |
*[[home_server:home_server_setup:other_services:monit]] | |
*[[home_server:home_server_setup:other_services:tripwire]] | |
*[[home_server:home_server_setup:other_services:misc]] | |
</pagelist>++++ | |
| |
<- home_server:home_server_setup:other_services:symlinks|Prev ^ home_server:home_server_setup:other_services:index|Start page ^ home_server:home_server_setup:other_services:monit|Next -> | <- home_server:home_server_setup:other_services:symlinks|Prev ^ home_server:home_server_setup:other_services:index|Start page ^ home_server:home_server_setup:other_services:monit|Next -> |