[原创] fail2ban

winsphinx · Jan 15, 2025 · 9ecb2fa · 9ecb2fa
1 parent 7091064
commit 9ecb2fa
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/content/post/fail2ban.md b/content/post/fail2ban.md
@@ -0,0 +1,35 @@
++++
+title = "fail2ban"
+date = 2025-01-15T18:40:00+08:00
+lastmod = 2025-01-15T18:46:51+08:00
+tags = ["linux", "network"]
+categories = ["技术"]
+draft = false
++++
+
+近日发现很多对于端口的扫描，虽然由于 ufw 的拦截并不能进入，但还是想用 fail2ban 来封禁这些 IP，减少被扫描的次数。因此增加了更多的 jail 配置。 <br/>
+
+<!--more-->
+
+
+## 设置 {#设置}
+
+编辑 `/etc/fail2ban/jail.d/defaults-debian.conf` 文件： <br/>
+
+```text
+[DEFAULT]
+banaction = ufw
+bantime = 10m
+banTime.increment = true
+
+[sshd]
+enabled = true
+
+[ufw]
+enabled = true
+filte = ufw
+action = iptables-allports
+logpath = /var/log/ufw.log
+maxretry = 1
+```
+