安装步骤,以centos为例
yum install fail2ban -y
配置
vi /etc/fail2ban/jail.d/sshd.local
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=22, protocol=tcp]
logpath = /var/log/secure
maxretry = 3
bantime = 365d
findtime=365d
服务启动
systemctl start fail2ban
systemctl stop fail2ban
systemctl enable fail2ban
查看ban状态
fail2ban-client status ssh-iptables
fail2ban-client set ssh-iptables unbanip 42.11.11.11