- [Show page]
- [Old revisions]
- [[unknown link type]]
- []
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux:fail2ban [2015/11/09 16:31] vondra created |
linux:fail2ban [2020/12/09 23:29] (current) admin |
||
---|---|---|---|
Line 2: | Line 2: | ||
ban hosts that cause multiple authentication errors | ban hosts that cause multiple authentication errors | ||
===== Installation from git ===== | ===== Installation from git ===== | ||
+ | Version included in wheezy repository (0.8.6) has serious issues with timezones and other bugs, so you would like to use last version from git repository | ||
+ | - clone repository<code bash> | ||
+ | git clone https://github.com/fail2ban/fail2ban.git</code> | ||
+ | - change directory and install the app<code bash> | ||
+ | cd fail2ban | ||
+ | python setup.py install</code> | ||
+ | - copy config files<code bash> | ||
+ | cp config/* /etc/fail2ban/</code> | ||
+ | - print iptables version<code bash>iptables --version</code> | ||
+ | - if iptables version <1.4.20 edit the /etc/fail2ban/action.d/iptables-common.conf and set locking opt to empty string: <code>lockingopt =</code> | ||
+ | - create startup script and start the service<code bash> | ||
+ | cp files/debian-initd /etc/init.d/fail2ban | ||
+ | update-rc.d fail2ban defaults | ||
+ | service fail2ban start</code> | ||
+ | * NOTE: installation script registers the app to python package system so uninstall (in case you want to switch back to distribution package) is as easy as <code>pip uninstall fail2ban</code> | ||
+ | |||
+ | ====== Cleaning/shrinking the sqlite3 file ======= | ||
+ | DELETE FROM bans WHERE DATE(timeofban, 'unixepoch') < '2020-01-01'; VACUUM; | ||
+ | |||
+ | |||
+ | ====== Asterisk ====== | ||
+ | change default context in /etc/fail2ban/filter.d/asterisk in following line <code> | ||
+ | ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Call from '[^']*' \(<HOST>:\d+\) to extension '\d+' rejected because extension not found in context 'default'\.$</code> | ||
+ | |||
linux/fail2ban.1447083116.txt.gz · Last modified: 2015/11/09 16:31 by vondra