Blame
| 360d75 | Anonymous | 2026-01-31 03:06:22 | 1 | # Fail2Ban |
| 2 | ||||
| 3 | install fail2ban from slackbuilds.org |
|||
| 4 | ||||
| 5 | copy jail.conf to jail.local |
|||
| 6 | ||||
| 7 | <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> |
|||
| 8 | ||||
| 9 | open jail.local |
|||
| 10 | ||||
| 11 | <code>nano /etc/fail2ban/jail.local</code> |
|||
| 12 | ||||
| 13 | scroll down to the section [SSHD] |
|||
| 14 | ||||
| 15 | ||||
| 16 | [sshd] |
|||
| 17 | ||||
| 18 | To use more aggressive sshd modes set filter parameter "mode" in jail.local: |
|||
| 19 | ||||
| 20 | -normal (default), |
|||
| 21 | ||||
| 22 | -ddos, |
|||
| 23 | ||||
| 24 | -extra or |
|||
| 25 | ||||
| 26 | -aggressive (combines all). |
|||
| 27 | ||||
| 28 | See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. |
|||
| 29 | mode = normal |
|||
| 30 | ||||
| 5f6331 | Anonymous | 2026-01-31 04:23:15 | 31 | <code>logpath = /var/log/secure</code> |
| 32 | ||||
| 33 | <code>backend = auto</code> |
|||
| 34 | ||||
| 35 | <code>enabled = true</code> |
|||
| 36 | ||||
| 37 | <code>port = ssh 2200</code> |
|||
| 38 | ||||
| 39 | <code>filter = sshd</code> |
|||
| 40 | ||||
| 41 | <code>maxretry = 2</code> |
|||
| 42 | ||||
| 43 | <code>findtime = 300</code> |
|||
| 44 | ||||
| 45 | <code>bantime = 86400</code> |
|||
| 46 | ||||
| 47 | <code>ignoreip = 127.0.0.1 192.168.0.*</code> |