美文网首页
CentOS 7安装fail2ban + Firewalld防止

CentOS 7安装fail2ban + Firewalld防止

作者: warmi_ | 来源:发表于2019-01-03 14:47 被阅读0次
yum -y install epel-release  # 安装epel源
yum install -y firewalld  # mini的可能不带
firewall-cmd --state  # 查看Firewalld状态
systemctl start firewalld  # 启动firewalld
systemctl enable firewalld.service  # 设置开机启动
yum -y install fail2ban  # 安装fial2ban

配置Firewalld放行22端口(启用Firewalld后会禁止所有端口连接,因此请务必放行常用的端口,以免被阻挡在外)

#放行22端口 (顺便记得把代理的端口给放了o(╥﹏╥)o)
firewall-cmd --zone=public --add-port=80/tcp --permanent
#重载配置
firewall-cmd --reload
#查看已放行端口
firewall-cmd --zone=public --list-ports

vi /etc/fail2ban/jail.local # ban掉坏人

[DEFAULT]
ignoreip = 127.0.0.1/8
bantime  = 86400
findtime = 600
maxretry = 5
banaction = firewallcmd-ipset
action = %(action_mwl)s

[sshd]
enabled = true
filter  = sshd
port    = 22
action = %(action_mwl)s
logpath = /var/log/secure

systemctl start fail2ban # 抓坏人
fail2ban-client status sshd # 带坏人游街

摘自https://www.xiaoz.me/archives/9831,写了很多很详细

相关文章

网友评论

      本文标题:CentOS 7安装fail2ban + Firewalld防止

      本文链接:https://www.haomeiwen.com/subject/umpfrqtx.html