Tags:
create new tag
view all tags

Configuring the LCFG fail2ban component

Here is the way we use the fail2ban component in Informatics:

#define LCFG_OPTIONS_FAIL2BAN_SSH
#include <lcfg/options/fail2ban.h>

!fail2ban.ignoreip       mSET(129.215.0.0/16)

!fail2ban.bantime        mSET(3600) /* seconds - 1 hour */
!fail2ban.maxretry       mSET(5)

!tcpwrappers.allow          mADD(sshd)
!tcpwrappers.allow_sshd     mSET(sshd : localhost .ed.ac.uk)

!tcpwrappers.deny           mADD(ALL)
!tcpwrappers.deny_ALL       mSET(ALL EXCEPT sshd : ALL : banners /etc/tcpd.banners)

!tcpwrappers.template_deny  mSET(LCFGDATA/tcpwrappers/deny-fail2ban.tt)
!fail2ban.action_sshtcpwrap mSET(lcfg-hostsdeny)

Note the interaction with the LCFG tcpwrappers component, this will vary from site to site.

-- Main.squinney - 2011-03-07

Topic revision: r1 - 2011-03-07 - squinney
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback