Differences

This shows you the differences between two versions of the page.

--- сервис_fail2ban [2024/05/11 15:47]
val [Интеграция fail2ban и snort]
+++ сервис_fail2ban [2025/06/22 16:06] (current)
val [Мониторинг и управление]
@@ Line 14: / Line 14: @@
 # apt install fail2ban
-ubuntu24# wget https://launchpad.net/ubuntu/+source/fail2ban/1.1.0-1/+build/28291332/+files/fail2ban_1.1.0-1_all.deb
+ubuntu24# ###wget https://launchpad.net/ubuntu/+source/fail2ban/1.1.0-1/+build/28291332/+files/fail2ban_1.1.0-1_all.deb
-ubuntu24# dpkg -i fail2ban_1.1.0-1_all.deb
+ubuntu24# ###dpkg -i fail2ban_1.1.0-1_all.deb
 </code>
@@ Line 35: / Line 35: @@
 [sshd]
 maxretry = 6
+#port = 2222
 #ignoreip = 192.168.X.0/24 192.168.100+X.0/24
@@ Line 43: / Line 44: @@
 #action = iptables-allports[blocktype=DROP]
 #action = route[blocktype=blackhole]
+#https://github.com/fail2ban/fail2ban/discussions/3836|Asterisk 20.6 on Ubuntu 24.04: Fail2Ban not working
+#backend = auto
+#logpath  = /var/log/asterisk/messages.log
 </code>
@@ Line 58: / Line 63: @@
 # fail2ban-client status asterisk
+# nft list ruleset
 # fail2ban-client set asterisk unbanip 172.16.1.150
@@ Line 200: / Line 207: @@
 #!/bin/sh
-cat > /root/firewall.acl <<EOF
+cat > /srv/tftp/firewall.acl <<EOF
 no ip access-list extended ACL_FIREWALL
 ip access-list extended ACL_FIREWALL
 EOF
-/root/cisco-acl-deny.sh >> /root/firewall.acl
+/root/cisco-acl-deny.sh >> /srv/tftp/firewall.acl
-cat /root/cisco-acl-permit.txt >> /root/firewall.acl
+cat /root/cisco-acl-permit.txt >> /srv/tftp/firewall.acl
-/usr/bin/rcp /root/firewall.acl router:running-config
+#/usr/bin/rcp /srv/tftp/firewall.acl router:running-config
+#/usr/bin/snmpset -c write -v2c router .1.3.6.1.4.1.9.2.1.53.192.168.X.10 string "firewall.acl"
 </code><code>
 # cat /etc/fail2ban/action.d/cisco-acl.conf

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools