This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_fail2ban [2021/02/23 15:55] val [Блокировка через iptables] |
сервис_fail2ban [2021/11/17 16:17] val [Установка] |
||
---|---|---|---|
Line 8: | Line 8: | ||
<code> | <code> | ||
+ | debian11# apt install iptables | ||
+ | |||
# apt install fail2ban | # apt install fail2ban | ||
</code> | </code> | ||
Line 78: | Line 80: | ||
cd /srv/tftp/ | cd /srv/tftp/ | ||
/usr/bin/git add * | /usr/bin/git add * | ||
- | /usr/bin/git status | grep 'modified\|deleted\|new file' | /usr/bin/git commit -a -F - | + | /usr/bin/git --no-optional-locks status | grep 'modified\|deleted\|new file' | /usr/bin/git commit -a -F - |
</code> | </code> | ||
===== Интеграция fail2ban и snort ===== | ===== Интеграция fail2ban и snort ===== | ||
Line 93: | Line 95: | ||
maxretry = 1 | maxretry = 1 | ||
logpath = /var/log/auth.log | logpath = /var/log/auth.log | ||
+ | #action = mail-admin | ||
#action = iptables-allports-forward | #action = iptables-allports-forward | ||
#action = cisco-acl | #action = cisco-acl | ||
Line 169: | Line 172: | ||
permit udp any any | permit udp any any | ||
permit tcp any any established | permit tcp any any established | ||
- | deny ip any any log | + | deny ip any any # log |
end | end | ||
</code><code> | </code><code> | ||
Line 193: | Line 196: | ||
actionban = /root/cisco-change-firewall.sh | actionban = /root/cisco-change-firewall.sh | ||
- | # f2b bug | + | actionunban = /root/cisco-change-firewall.sh |
- | actionunban = echo /root/cisco-change-firewall.sh | at now + 1 min | + | # if atack from DNS) |
+ | #actionunban = echo /root/cisco-change-firewall.sh | at now + 1 min | ||
</code> | </code> | ||