Benutzer-Werkzeuge

Webseiten-Werkzeuge


fail2ban

Dies ist eine alte Version des Dokuments!


fail2ban


System updaten

apt-get update
apt-get upgrade


fail2ban installieren

apt-get install fail2ban


Dienststatus

service fail2ban status

service fail2ban stop
service fail2ban start
service fail2ban restart
root@raspberrypi3:/home/pi# service fail2ban status
● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-01-31 13:19:50 CET; 1min 3s ago
       Docs: man:fail2ban(1)
    Process: 20877 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
   Main PID: 20878 (fail2ban-server)
      Tasks: 5 (limit: 1595)
        CPU: 1.857s
     CGroup: /system.slice/fail2ban.service
             └─20878 /usr/bin/python3 /usr/bin/fail2ban-server -xf start

Jan 31 13:19:50 raspberrypi3 systemd[1]: Starting Fail2Ban Service...
Jan 31 13:19:50 raspberrypi3 systemd[1]: Started Fail2Ban Service.
Jan 31 13:19:52 raspberrypi3 fail2ban-server[20878]: Server ready


Log-File

tail- f /var/log/fail2ban.log
bash: tail-: command not found
root@raspberrypi3:/home/pi# tail -f /var/log/fail2ban.log
2024-01-31 13:19:52,130 fail2ban.jail           [20878]: INFO    Creating new jail 'sshd'
2024-01-31 13:19:52,318 fail2ban.jail           [20878]: INFO    Jail 'sshd' uses pyinotify {}
2024-01-31 13:19:52,341 fail2ban.jail           [20878]: INFO    Initiated 'pyinotify' backend
2024-01-31 13:19:52,360 fail2ban.filter         [20878]: INFO      maxLines: 1
2024-01-31 13:19:52,643 fail2ban.filter         [20878]: INFO      maxRetry: 5
2024-01-31 13:19:52,645 fail2ban.filter         [20878]: INFO      findtime: 600
2024-01-31 13:19:52,646 fail2ban.actions        [20878]: INFO      banTime: 600
2024-01-31 13:19:52,647 fail2ban.filter         [20878]: INFO      encoding: UTF-8
2024-01-31 13:19:52,651 fail2ban.filter         [20878]: INFO    Added logfile: '/var/log/auth.log' (pos = 0, hash = 6ab07ffed84cb62c8dcb4600d0b0630ab9c821f5)
2024-01-31 13:19:52,671 fail2ban.jail           [20878]: INFO    Jail 'sshd' started


Dateiübersicht

ls -l /etc/fail2ban/
total 64
drwxr-xr-x 2 root root  4096 Jan 31 13:19 action.d
-rw-r--r-- 1 root root  2816 Nov 23  2020 fail2ban.conf
drwxr-xr-x 2 root root  4096 Jul 12  2021 fail2ban.d
drwxr-xr-x 3 root root  4096 Jan 31 13:19 filter.d
-rw-r--r-- 1 root root 24996 Nov 23  2020 jail.conf
drwxr-xr-x 2 root root  4096 Jan 31 13:19 jail.d
-rw-r--r-- 1 root root   645 Nov 23  2020 paths-arch.conf
-rw-r--r-- 1 root root  2827 Nov 23  2020 paths-common.conf
-rw-r--r-- 1 root root   573 Nov 23  2020 paths-debian.conf
-rw-r--r-- 1 root root   738 Nov 23  2020 paths-opensuse.conf


Quellen

fail2ban.1706704876.txt.gz · Zuletzt geändert: 31.01.2024 von hochrath