Fail2ban

Z wiki
Skočit na navigaci Skočit na vyhledávání 
/etc/fail2ban/jail.d/defaults-debian.conf
[DEFAULT]
banaction = iptables-multiport
banaction_allports = iptables-allports
backend = systemd


/etc/fail2ban/filter.d/checkmk.conf [Definition] failregex = .* \[cmk_security\.auth \d+\] \{"summary": "authentication failed".*"remote_ip": "<HOST>".* ignoreregex =

sudo fail2ban-regex /path/to/your/checkmk/var/log/security.log /etc/fail2ban/filter.d/checkmk.conf


/etc/fail2ban/jail.local [checkmk] enabled = true filter = checkmk logpath = /path/to/your/checkmk/var/log/security.log maxretry = 3 bantime = 3600 findtime = 600 backend = auto

systemctl reload fail2ban

fail2ban-client status checkmk

Citováno z „https://wiki.chalupsky.org/index.php?title=Fail2ban&oldid=13