{"id":8779,"date":"2018-12-06T01:32:50","date_gmt":"2018-12-05T17:32:50","guid":{"rendered":"http:\/\/4563.org\/?p=8779"},"modified":"2018-12-06T01:35:00","modified_gmt":"2018-12-05T17:35:00","slug":"centos6-7%e7%b3%bb%e7%bb%9f%e5%ae%89%e8%a3%85fail2ban%e9%98%b2cc%e6%94%bb%e5%87%bb%e5%92%8cssh%e6%9a%b4%e5%8a%9b%e7%a0%b4%e8%a7%a3","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=8779","title":{"rendered":"centos6\/7\u7cfb\u7edf\u5b89\u88c5fail2ban\u9632CC\u653b\u51fb\u548cSSH\u66b4\u529b\u7834\u89e3"},"content":{"rendered":"<div class=\"content-post\">\n<p>centos6\/7\u7cfb\u7edf\u5b89\u88c5fail2ban\u9632CC\u653b\u51fb\u548cSSH\u66b4\u529b\u7834\u89e3<br \/>\n\u4ee5\u4e0b\u6559\u7a0b\u9002\u5408centos6\u548c7\u7cfb\u7edf\uff0c\u5176\u4ed6\u64cd\u4f5c\u7cfb\u7edf\u5c1a\u672a\u5c1d\u8bd5\u3002<\/p>\n<h2>\u5b89\u88c5\uff1a<\/h2>\n<p>\u5148\u5b89\u88c5epel\u6e90<\/p>\n<div class=\"dp-highlighter\">\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">yum\u00a0-y\u00a0install\u00a0epel-release<\/li>\n<\/ol>\n<\/div>\n<p>\u7136\u540e\u5b89\u88c5fail2ban<\/p>\n<div class=\"dp-highlighter\">\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">yum\u00a0-y\u00a0install\u00a0fail2ban<\/li>\n<\/ol>\n<\/div>\n<p>\u7136\u540e\u7f16\u8f91\u914d\u7f6e\u6587\u4ef6\/etc\/fail2ban\/jail.conf<\/p>\n<div class=\"dp-highlighter\">\n<div class=\"bar\"><\/div>\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">[DEFAULT]<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;ignoreip&#8221;<\/span>\u00a0can\u00a0be\u00a0an\u00a0IP\u00a0address,\u00a0a\u00a0CIDR\u00a0mask\u00a0<span class=\"keyword\">or<\/span>\u00a0a\u00a0DNS\u00a0host.\u00a0Fail2ban\u00a0will\u00a0not<\/li>\n<li class=\"alt\">#\u00a0ban\u00a0a\u00a0host\u00a0which\u00a0matches\u00a0an\u00a0address\u00a0in\u00a0this\u00a0list.\u00a0Several\u00a0addresses\u00a0can\u00a0be<\/li>\n<li class=\"\">#\u00a0defined\u00a0using\u00a0space\u00a0separator.<\/li>\n<li class=\"alt\">ignoreip\u00a0=\u00a0127.0.0.1\/8<\/li>\n<li class=\"\">#\u00a0External\u00a0command\u00a0that\u00a0will\u00a0take\u00a0an\u00a0tagged\u00a0arguments\u00a0to\u00a0ignore,\u00a0e.g.\u00a0,<\/li>\n<li class=\"alt\">#\u00a0<span class=\"keyword\">and<\/span>\u00a0<span class=\"keyword\">return<\/span>\u00a0true\u00a0<span class=\"keyword\">if<\/span>\u00a0the\u00a0IP\u00a0is\u00a0to\u00a0be\u00a0ignored.\u00a0False\u00a0otherwise.<\/li>\n<li class=\"\">#<\/li>\n<li class=\"alt\">#\u00a0ignorecommand\u00a0=\u00a0\/path\/to\/command<\/li>\n<li class=\"\">ignorecommand\u00a0=<\/li>\n<li class=\"alt\">#\u00a0<span class=\"string\">&#8220;bantime&#8221;<\/span>\u00a0is\u00a0the\u00a0number\u00a0of\u00a0seconds\u00a0that\u00a0a\u00a0host\u00a0is\u00a0banned.<\/li>\n<li class=\"\">bantime\u00a0=\u00a0600<\/li>\n<li class=\"alt\">#\u00a0A\u00a0host\u00a0is\u00a0banned\u00a0<span class=\"keyword\">if<\/span>\u00a0it\u00a0has\u00a0generated\u00a0<span class=\"string\">&#8220;maxretry&#8221;<\/span>\u00a0during\u00a0the\u00a0last\u00a0<span class=\"string\">&#8220;findtime&#8221;<\/span><\/li>\n<li class=\"\">#\u00a0seconds.<\/li>\n<li class=\"alt\">findtime\u00a0=\u00a0600<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;maxretry&#8221;<\/span>\u00a0is\u00a0the\u00a0number\u00a0of\u00a0failures\u00a0before\u00a0a\u00a0host\u00a0get\u00a0banned.<\/li>\n<li class=\"alt\">maxretry\u00a0=\u00a03<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;backend&#8221;<\/span>\u00a0specifies\u00a0the\u00a0backend\u00a0used\u00a0to\u00a0get\u00a0files\u00a0modification.<\/li>\n<li class=\"alt\">#\u00a0Available\u00a0options\u00a0are\u00a0<span class=\"string\">&#8220;pyinotify&#8221;<\/span>,\u00a0<span class=\"string\">&#8220;gamin&#8221;<\/span>,\u00a0<span class=\"string\">&#8220;polling&#8221;<\/span>\u00a0<span class=\"keyword\">and<\/span>\u00a0<span class=\"string\">&#8220;auto&#8221;<\/span>.<\/li>\n<li class=\"\">#\u00a0This\u00a0option\u00a0can\u00a0be\u00a0overridden\u00a0in\u00a0each\u00a0jail\u00a0<span class=\"keyword\">as<\/span>\u00a0well.<\/li>\n<li class=\"alt\">#<\/li>\n<li class=\"\">#\u00a0pyinotify:\u00a0requires\u00a0pyinotify\u00a0(a\u00a0file\u00a0alteration\u00a0monitor)\u00a0to\u00a0be\u00a0installed.<\/li>\n<li class=\"alt\">#\u00a0If\u00a0pyinotify\u00a0is\u00a0not\u00a0installed,\u00a0Fail2ban\u00a0will\u00a0<span class=\"keyword\">use<\/span>\u00a0auto.<\/li>\n<li class=\"\">#\u00a0gamin:\u00a0requires\u00a0Gamin\u00a0(a\u00a0file\u00a0alteration\u00a0monitor)\u00a0to\u00a0be\u00a0installed.<\/li>\n<li class=\"alt\">#\u00a0If\u00a0Gamin\u00a0is\u00a0not\u00a0installed,\u00a0Fail2ban\u00a0will\u00a0<span class=\"keyword\">use<\/span>\u00a0auto.<\/li>\n<li class=\"\">#\u00a0polling:\u00a0uses\u00a0a\u00a0polling\u00a0algorithm\u00a0which\u00a0does\u00a0not\u00a0<span class=\"keyword\">require<\/span>\u00a0external\u00a0libraries.<\/li>\n<li class=\"alt\">#\u00a0auto:\u00a0will\u00a0try\u00a0to\u00a0<span class=\"keyword\">use<\/span>\u00a0the\u00a0following\u00a0backends,\u00a0in\u00a0order:<\/li>\n<li class=\"\">#\u00a0pyinotify,\u00a0gamin,\u00a0polling.<\/li>\n<li class=\"alt\">backend\u00a0=\u00a0auto<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;usedns&#8221;<\/span>\u00a0specifies\u00a0<span class=\"keyword\">if<\/span>\u00a0jails\u00a0should\u00a0trust\u00a0hostnames\u00a0in\u00a0logs,<\/li>\n<li class=\"alt\">#\u00a0warn\u00a0when\u00a0DNS\u00a0lookups\u00a0are\u00a0performed,\u00a0<span class=\"keyword\">or<\/span>\u00a0ignore\u00a0all\u00a0hostnames\u00a0in\u00a0logs<\/li>\n<li class=\"\">#<\/li>\n<li class=\"alt\">#\u00a0yes:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0a\u00a0DNS\u00a0lookup\u00a0will\u00a0be\u00a0performed.<\/li>\n<li class=\"\">#\u00a0warn:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0a\u00a0DNS\u00a0lookup\u00a0will\u00a0be\u00a0performed,<\/li>\n<li class=\"alt\">#\u00a0but\u00a0it\u00a0will\u00a0be\u00a0logged\u00a0<span class=\"keyword\">as<\/span>\u00a0a\u00a0warning.<\/li>\n<li class=\"\">#\u00a0no:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0will\u00a0not\u00a0be\u00a0used\u00a0<span class=\"keyword\">for<\/span>\u00a0banning,<\/li>\n<li class=\"alt\">#\u00a0but\u00a0it\u00a0will\u00a0be\u00a0logged\u00a0<span class=\"keyword\">as<\/span>\u00a0info.<\/li>\n<li class=\"\">usedns\u00a0=\u00a0warn<\/li>\n<\/ol>\n<\/div>\n<p>\u7136\u540e\u5728\/etc\/fail2ban\/jail.d\u76ee\u5f55\u65b0\u5efajail.local\u6587\u4ef6\uff0c\u6587\u4ef6\u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n<div class=\"dp-highlighter\">\n<div class=\"bar\"><\/div>\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">[DEFAULT]<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;ignoreip&#8221;<\/span>\u00a0can\u00a0be\u00a0an\u00a0IP\u00a0address,\u00a0a\u00a0CIDR\u00a0mask\u00a0<span class=\"keyword\">or<\/span>\u00a0a\u00a0DNS\u00a0host.\u00a0Fail2ban\u00a0will\u00a0not<\/li>\n<li class=\"alt\">#\u00a0ban\u00a0a\u00a0host\u00a0which\u00a0matches\u00a0an\u00a0address\u00a0in\u00a0this\u00a0list.\u00a0Several\u00a0addresses\u00a0can\u00a0be<\/li>\n<li class=\"\">#\u00a0defined\u00a0using\u00a0space\u00a0separator.<\/li>\n<li class=\"alt\">ignoreip\u00a0=\u00a0127.0.0.1\/8,67.230.187.137,42.51.223.212,42.51.223.232,149.129.91.164,173.82.152.161<\/li>\n<li class=\"\">#\u00a0External\u00a0command\u00a0that\u00a0will\u00a0take\u00a0an\u00a0tagged\u00a0arguments\u00a0to\u00a0ignore,\u00a0e.g.\u00a0,<\/li>\n<li class=\"alt\">#\u00a0<span class=\"keyword\">and<\/span>\u00a0<span class=\"keyword\">return<\/span>\u00a0true\u00a0<span class=\"keyword\">if<\/span>\u00a0the\u00a0IP\u00a0is\u00a0to\u00a0be\u00a0ignored.\u00a0False\u00a0otherwise.<\/li>\n<li class=\"\">#<\/li>\n<li class=\"alt\">#\u00a0ignorecommand\u00a0=\u00a0\/path\/to\/command<\/li>\n<li class=\"\">ignorecommand\u00a0=<\/li>\n<li class=\"alt\">#\u00a0<span class=\"string\">&#8220;bantime&#8221;<\/span>\u00a0is\u00a0the\u00a0number\u00a0of\u00a0seconds\u00a0that\u00a0a\u00a0host\u00a0is\u00a0banned.<\/li>\n<li class=\"\">bantime\u00a0=\u00a0600<\/li>\n<li class=\"alt\">#\u00a0A\u00a0host\u00a0is\u00a0banned\u00a0<span class=\"keyword\">if<\/span>\u00a0it\u00a0has\u00a0generated\u00a0<span class=\"string\">&#8220;maxretry&#8221;<\/span>\u00a0during\u00a0the\u00a0last\u00a0<span class=\"string\">&#8220;findtime&#8221;<\/span><\/li>\n<li class=\"\">#\u00a0seconds.<\/li>\n<li class=\"alt\">findtime\u00a0=\u00a0600<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;maxretry&#8221;<\/span>\u00a0is\u00a0the\u00a0number\u00a0of\u00a0failures\u00a0before\u00a0a\u00a0host\u00a0get\u00a0banned.<\/li>\n<li class=\"alt\">maxretry\u00a0=\u00a03<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;backend&#8221;<\/span>\u00a0specifies\u00a0the\u00a0backend\u00a0used\u00a0to\u00a0get\u00a0files\u00a0modification.<\/li>\n<li class=\"alt\">#\u00a0Available\u00a0options\u00a0are\u00a0<span class=\"string\">&#8220;pyinotify&#8221;<\/span>,\u00a0<span class=\"string\">&#8220;gamin&#8221;<\/span>,\u00a0<span class=\"string\">&#8220;polling&#8221;<\/span>\u00a0<span class=\"keyword\">and<\/span>\u00a0<span class=\"string\">&#8220;auto&#8221;<\/span>.<\/li>\n<li class=\"\">#\u00a0This\u00a0option\u00a0can\u00a0be\u00a0overridden\u00a0in\u00a0each\u00a0jail\u00a0<span class=\"keyword\">as<\/span>\u00a0well.<\/li>\n<li class=\"alt\">#<\/li>\n<li class=\"\">#\u00a0pyinotify:\u00a0requires\u00a0pyinotify\u00a0(a\u00a0file\u00a0alteration\u00a0monitor)\u00a0to\u00a0be\u00a0installed.<\/li>\n<li class=\"alt\">#\u00a0If\u00a0pyinotify\u00a0is\u00a0not\u00a0installed,\u00a0Fail2ban\u00a0will\u00a0<span class=\"keyword\">use<\/span>\u00a0auto.<\/li>\n<li class=\"\">#\u00a0gamin:\u00a0requires\u00a0Gamin\u00a0(a\u00a0file\u00a0alteration\u00a0monitor)\u00a0to\u00a0be\u00a0installed.<\/li>\n<li class=\"alt\">#\u00a0If\u00a0Gamin\u00a0is\u00a0not\u00a0installed,\u00a0Fail2ban\u00a0will\u00a0<span class=\"keyword\">use<\/span>\u00a0auto.<\/li>\n<li class=\"\">#\u00a0polling:\u00a0uses\u00a0a\u00a0polling\u00a0algorithm\u00a0which\u00a0does\u00a0not\u00a0<span class=\"keyword\">require<\/span>\u00a0external\u00a0libraries.<\/li>\n<li class=\"alt\">#\u00a0auto:\u00a0will\u00a0try\u00a0to\u00a0<span class=\"keyword\">use<\/span>\u00a0the\u00a0following\u00a0backends,\u00a0in\u00a0order:<\/li>\n<li class=\"\">#\u00a0pyinotify,\u00a0gamin,\u00a0polling.<\/li>\n<li class=\"alt\">backend\u00a0=\u00a0auto<\/li>\n<li class=\"\">#\u00a0<span class=\"string\">&#8220;usedns&#8221;<\/span>\u00a0specifies\u00a0<span class=\"keyword\">if<\/span>\u00a0jails\u00a0should\u00a0trust\u00a0hostnames\u00a0in\u00a0logs,<\/li>\n<li class=\"alt\">#\u00a0warn\u00a0when\u00a0DNS\u00a0lookups\u00a0are\u00a0performed,\u00a0<span class=\"keyword\">or<\/span>\u00a0ignore\u00a0all\u00a0hostnames\u00a0in\u00a0logs<\/li>\n<li class=\"\">#<\/li>\n<li class=\"alt\">#\u00a0yes:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0a\u00a0DNS\u00a0lookup\u00a0will\u00a0be\u00a0performed.<\/li>\n<li class=\"\">#\u00a0warn:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0a\u00a0DNS\u00a0lookup\u00a0will\u00a0be\u00a0performed,<\/li>\n<li class=\"alt\">#\u00a0but\u00a0it\u00a0will\u00a0be\u00a0logged\u00a0<span class=\"keyword\">as<\/span>\u00a0a\u00a0warning.<\/li>\n<li class=\"\">#\u00a0no:\u00a0<span class=\"keyword\">if<\/span>\u00a0a\u00a0hostname\u00a0is\u00a0encountered,\u00a0will\u00a0not\u00a0be\u00a0used\u00a0<span class=\"keyword\">for<\/span>\u00a0banning,<\/li>\n<li class=\"alt\">#\u00a0but\u00a0it\u00a0will\u00a0be\u00a0logged\u00a0<span class=\"keyword\">as<\/span>\u00a0info.<\/li>\n<li class=\"\">usedns\u00a0=\u00a0warn<\/li>\n<\/ol>\n<\/div>\n<p>\u5b8c\u6210\u540ecentos6\u7cfb\u7edf\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u542f\u52a8<\/p>\n<div class=\"dp-highlighter\">\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">service\u00a0fail2ban\u00a0restart<\/li>\n<\/ol>\n<\/div>\n<p>centos7\u7cfb\u7edf\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u542f\u52a8<\/p>\n<div class=\"dp-highlighter\">\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">systemctl\u00a0restart\u00a0fail2ban.service<\/li>\n<\/ol>\n<\/div>\n<p>\u8bbe\u7f6ecentos6\u548ccentos7\u7cfb\u7edf\u7684\u5f00\u673a\u542f\u52a8<\/p>\n<div class=\"dp-highlighter\">\n<ol class=\"dp-c\" start=\"1\">\n<li class=\"alt\">CentOS\u00a06:<\/li>\n<li class=\"\">chkconfig\u00a0fail2ban\u00a0on<\/li>\n<li class=\"alt\">CentOS\u00a07:<\/li>\n<li class=\"\">systemctl\u00a0enable\u00a0fail2ban<\/li>\n<\/ol>\n<\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-8784\" src=\"http:\/\/4563.org\/wp-content\/uploads\/2018\/12\/20181205_173432.png\" alt=\"\" width=\"675\" height=\"425\" \/> <img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-8785\" src=\"http:\/\/4563.org\/wp-content\/uploads\/2018\/12\/20181205_173435.png\" alt=\"\" width=\"675\" height=\"425\" \/> <img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-8786\" src=\"http:\/\/4563.org\/wp-content\/uploads\/2018\/12\/20181205_173436.png\" alt=\"\" width=\"668\" height=\"87\" \/><\/p>\n<p>\u4f86\u6dbc:https:\/\/www.cheshirex.com\/1632.html<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>centos6\/7\u7cfb\u7edf\u5b89\u88c5fail&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/8779"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8779"}],"version-history":[{"count":2,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/8779\/revisions"}],"predecessor-version":[{"id":8787,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/8779\/revisions\/8787"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8779"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}