#install
tar zxvf fail2ban-0.9.4.tar.gz
cd fail2ban-0.9.4
python setup.py install
#script start
vi /etc/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
#them duong dan centos
vi /etc/fail2ban/jail.conf
before = paths-fedora.conf
#kich hoat ung dung firewall
enabled = true
#thoi gian bi cam
bantime =3600
#thoi giam tinh maxretry
findtime = 3600
#so lan thu that bai
maxretry = 5
#xem ip da loai bo
fail2ban-client get sshd ignoreip
#them ip loai bo ko qua firewall
fail2ban-client set sshd addignoreip 113.161.94.31
# xem thoi gian bantime
fail2ban-client get sshd bantime
#xem so luong ip truy cap vao
awk '($(NF-1) = /Ban/){print $NF}' /var/log/fail2ban.log | sort | uniq -c | sort -n
#remove ip ban
fail2ban-client set sshd unbanip 124.232.156.78
#add ip into ban
fail2ban-client set sshd banip 124.232.156.78