1、解压安装
tar xzvf fail2ban-0.9.4.tar.gz
cd fail2ban-0.9.4
python setup.py install
2、检查是否安装成功
fail2ban-client -h
3、启动服务
cp files/redhat-initd /etc/rc.d/init.d/fail2ban
chkconfig --add fail2ban
service fail2ban start
4、Centos 7.0以前的iptables不支持-w参数需修改配置
vi /etc/fail2ban/action.d/iptables-common.conf
lockingopt = -w
去掉-w修改为
lockingopt =
5、增加sshd配置
vi /etc/fail2ban/jail.conf
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = 3
findtime = 300
bantime = 86400
tar xzvf fail2ban-0.9.4.tar.gz
cd fail2ban-0.9.4
python setup.py install
2、检查是否安装成功
fail2ban-client -h
3、启动服务
cp files/redhat-initd /etc/rc.d/init.d/fail2ban
chkconfig --add fail2ban
service fail2ban start
4、Centos 7.0以前的iptables不支持-w参数需修改配置
vi /etc/fail2ban/action.d/iptables-common.conf
lockingopt = -w
去掉-w修改为
lockingopt =
5、增加sshd配置
vi /etc/fail2ban/jail.conf
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/secure
maxretry = 3
findtime = 300
bantime = 86400