jail.local
[DEFAULT]
ignoreip = 127.0.0.1/8 116.235.0.0/16 172.25.0.0/24
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
#backend = systemd
maxretry = 3
findtime = 600
bantime = 1200
解除IP锁定
sudo fail2ban-client unban 192.168.1.13
查看日志
tail /var/log/fail2ban.log
增大inotify
sudo vim /etc/sysctl.conf
fs.inotify.max_user_instances=512
sysctl -p
netstat -nat|grep -i ':22'
查看哪些IP在连接22端口