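yum -y install epel-release          # enable the EPEL repository
yum -y install firewalld             # minimal installs may not ship firewalld
systemctl start firewalld            # start the firewall now
systemctl enable firewalld.service   # and start it on every boot
firewall-cmd --state                 # verify it is running (run after the start; before it, this only reports "not running")
yum -y install fail2ban              # install fail2ban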
配置Firewalld放行22端口(启用Firewalld后会禁止所有端口连接,因此请务必放行常用的端口,以免被阻挡在外)
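# Allow SSH on 22/tcp, which is what this step is meant to do. The original
# listing only opened 80/tcp here, so the SSH rule was missing.
# If sshd listens on another port, open that port instead and keep it in
# sync with "port" in the fail2ban [sshd] jail.
firewall-cmd --zone=public --add-port=22/tcp --permanent
# 80/tcp is the rule the original listing added; keep it only if a web or
# proxy service really needs to be reachable (remember the proxy's own port too).
firewall-cmd --zone=public --add-port=80/tcp --permanent
# Reload so the permanent rules take effect
firewall-cmd --reload
# List the opened ports; confirm the SSH port is present before closing
# the current session, to avoid locking yourself out.
firewall-cmd --zone=public --list-ports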
vi /etc/fail2ban/jail.local # edit the local jail configuration (bans offending IPs); the contents follow
# Defaults applied to every jail unless the jail overrides them.
[DEFAULT]
# Addresses that are never banned. Only loopback is listed here; consider
# adding your own trusted admin address so a few mistyped passwords cannot
# ban you from your own server.
ignoreip = 127.0.0.1/8
# Ban duration in seconds (86400 s = 24 hours).
bantime = 86400
# Window in seconds (600 s = 10 minutes) in which failures are counted.
findtime = 600
# Number of failures within findtime that triggers a ban.
maxretry = 5
# Enforce bans through firewalld using an ipset, so firewalld must be running.
banaction = firewallcmd-ipset
# action_mwl bans and also sends a mail report with whois data and log lines.
# NOTE(review): no mail settings appear in this file, so confirm mail delivery
# is configured or the report part of the action will not arrive.
action = %(action_mwl)s
# Jail protecting the SSH daemon.
[sshd]
enabled = true
filter = sshd
# Must match the port sshd really listens on and the port opened in firewalld.
port = 22
# Same value as the [DEFAULT] action above.
action = %(action_mwl)s
# Authentication log watched for failed logins (RHEL/CentOS location).
logpath = /var/log/secure
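systemctl enable fail2ban     # start on every boot, as already done for firewalld; otherwise protection silently stops after a reboot
systemctl start fail2ban      # start catching offenders now
fail2ban-client status sshd   # show the sshd jail: failure counts and currently banned IPs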
摘自https://www.xiaoz.me/archives/9831,写了很多很详细