ubuntu22.04 配置fail2ban

安装

apt update

apt install fail2ban

  

配置

cd  /etc/fail2ban

cp  jail.conf  jail.local

编辑jail.local文件

找到[sshd]的部分

配置如下:

[sshd]
enabled = true
port = 22022                       # 根据自己的sshd端口配置
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
findtime = 600
bantime = 3600
backend = systemd
action = iptables[name=sshd, port=22022, protocol=tcp]

 查看是否有被ban的ip

root@jenkins-2-100:/etc/fail2ban# fail2ban-client status sshd
Status for the jail: sshd
|- Filter
|  |- Currently failed: 9
|  |- Total failed:     16
|  `- Journal matches:  _SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
   |- Currently banned: 2
   |- Total banned:     3
   `- Banned IP list:   192.168.2.104 193.32.162.102

 

在被ban的服务器连接测试

root@dev01-2-104:~# ssh -p 22022 root@192.168.2.100
ssh: connect to host 192.168.2.100 port 22022: Connection refused
root@dev01-2-104:~# ssh -p 22022 root@192.168.2.100
ssh: connect to host 192.168.2.100 port 22022: Connection refused
root@dev01-2-104:~# ssh -p 22022 root@192.168.2.100
ssh: connect to host 192.168.2.100 port 22022: Connection refused
root@dev01-2-104:~# ssh -p 22022 root@192.168.2.100
ssh: connect to host 192.168.2.100 port 22022: Connection refused

 

移除被ban的ip

fail2ban-client set sshd unbanip 183.198.230.255 

  

 查看所有的规则

fail2ban-client status

  

 检查配置文件是否有语法错误

fail2ban-client -d

  

  

 

posted @ 2025-06-26 17:15  羊脂玉净瓶  阅读(12)  评论(0)    收藏  举报