Firewalld:CentOS7 Fail2Ban+Firewalld使用
安装
# Enable the EPEL repository first; the next command installs fail2ban from it.
sudo yum install -y epel-release
# Install fail2ban.
sudo yum install -y fail2ban
配置
新建文件:/etc/fail2ban/jail.local,输入内容如下:
[DEFAULT]
# Whitelist: addresses fail2ban never bans. Only loopback is listed here.
# NOTE(review): with the 1-year bantime below, consider adding your own
# management address or CIDR so a run of mistyped passwords cannot lock
# an administrator out for the full ban period.
ignoreip = 127.0.0.1/8
# Ban duration: 1 year.
# NOTE(review): the 1y/5m suffix form depends on the installed fail2ban
# version; after starting the service, confirm the parsed value with
# `fail2ban-client get sshd bantime`.
bantime = 1y
# An address is banned once it reaches maxretry (5) failures within
# findtime (5 minutes).
findtime = 5m
maxretry = 5
[sshd]
# NOTE(review): no banaction is set in this file, so bans are applied with
# whatever action the installed packages configure; confirm it is a
# firewalld-based action if bans are expected to go through firewalld.
enabled = true
filter = sshd
# Must match the port sshd actually listens on - TODO confirm if SSH was
# moved off 22.
port = 22
# Log file the sshd filter reads for authentication failures.
logpath = /var/log/secure
启动fail2ban
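# (Re)start fail2ban so it picks up /etc/fail2ban/jail.local, and enable it
# so the jail is active again after a reboot.
sudo systemctl restart fail2ban.service
sudo systemctl enable fail2ban.service
# Verify the sshd jail is running: the command should print the jail status
# and no "Error" line. fail2ban-client talks to the server over a socket that
# is normally accessible to root only, hence sudo (as for the commands above).
sudo fail2ban-client status sshd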
常用命令
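# List the addresses currently banned by a jail; "sshd" is the jail name,
# i.e. the [sshd] section in jail.local. fail2ban-client normally needs root
# to reach the server socket, hence sudo.
sudo fail2ban-client status sshd
# Lift the ban on one address.
sudo fail2ban-client set sshd unbanip 192.168.111.111
# Remove an address from the jail's ignore list (whitelist).
# NOTE: this does not lift a ban, so it is not a fallback for a failed
# unbanip; taking an address off the ignore list makes it eligible for
# banning. If unbanip reports an error, first check with `status sshd` that
# the address is actually listed as banned in this jail.
sudo fail2ban-client set sshd delignoreip 192.168.111.111
# Show the most recent fail2ban log entries (the log may be readable by
# root only).
sudo tail /var/log/fail2ban.log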