freebsd:network:fail2ban
Это старая версия документа!
Fail2Ban: ударим банхаммером по брутефорсу!
Введение
Настройка
jail.local:
[DEFAULT] banaction = my-pf action = my-pf[table=bruteforce] ignoreip = 127.0.0.1 10.30.10.0/24 bantime = 7200 findtime = 259200 maxretry = 3 [ssh] enabled = true filter = bsd-sshd logpath = /var/log/auth.log [dovecot] enabled = true filter = dovecot [sendmail] enabled = true filter = bsd-sendmail [sendmail-auth] enabled = true [sendmail-reject] enabled = true [sendmail-sasl] enabled = true filter = sendmail-sasl action = my-pf[table=bruteforce] port="submission,465,smtp", protocol=tcp] logpath = /var/log/maillog
my-pf.conf:
[Definition] actionstart = actionstop = actioncheck = actionban = /sbin/pfctl -t <tablename> -T add <ip>/32 actionunban = /sbin/pfctl -t <tablename> -T delete <ip>/32 [Init] tablename = fail2ban
sendmail-sasl.conf: <code>
freebsd/network/fail2ban.1592402550.txt.gz · Последнее изменение: — andrei