Differences
This shows you the differences between two versions of the page.
Last revisionBoth sides next revision | |||
fail2ban_add_custom_rule [06.12.2020 08:39] – created Pascal Suter | fail2ban_add_custom_rule [06.12.2020 09:01] – Pascal Suter | ||
---|---|---|---|
Line 33: | Line 33: | ||
s so you can see, the regex matched 9005 lines, that seems about right.. | s so you can see, the regex matched 9005 lines, that seems about right.. | ||
+ | next up is our **jail** for the filter we just created. we create a new file called '/ | ||
+ | <code fal2ban / | ||
+ | enabled | ||
+ | port = smtp, | ||
+ | logpath | ||
+ | </ | ||
+ | I got the '' | ||
+ | there are many more options you could set, like '' | ||
+ | |||
+ | so now lets reload our config to enable our shiny new rule: | ||
+ | fail2ban-client reload | ||
+ | if whoever you want to block is still active, you should see him blocked in a short time.. check your logs like | ||
+ | < | ||
+ | # grep Ban / | ||
+ | 2020-12-06 07: | ||
+ | </ | ||
+ | and yell "haha, gotcha" | ||
+ | |||
+ | or you can also see your success via the '' | ||
+ | < | ||
+ | # fail2ban-client status postfix-ehlo | ||
+ | Status for the jail: postfix-ehlo | ||
+ | |- Filter | ||
+ | | |- Currently failed: 0 | ||
+ | | |- Total failed: 8 | ||
+ | | `- File list: | ||
+ | `- Actions | ||
+ | |- Currently banned: 0 | ||
+ | |- Total banned: 1 | ||
+ | `- Banned IP list: | ||
+ | </ | ||
+ | |||
+ | there you go :) | ||
+ | |||
+ | by the way, to activate any of the already existing jails, you need to set the '' | ||
+ | < | ||
+ | [sshd] | ||
+ | enabled = true | ||
+ | |||
+ | [postfix] | ||
+ | enabled = true | ||
+ | |||
+ | [dovecot] | ||
+ | enabled = true | ||
+ | </ | ||
+ | the names of the pre-configured jails can be found in ''/ | ||
+ | |||
+ | after enabling your filters, reload and check with the '' | ||
+ | < | ||
+ | # fail2ban-client reload | ||
+ | OK | ||
+ | # fail2ban-client status | ||
+ | Status | ||
+ | |- Number of jail: 4 | ||
+ | `- Jail list: | ||
+ | </ |