Table of Contents generated with DocToc
Fail2ban
Configure fail2ban on Linux with firewalld
sudo cp -v /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nvim /etc/fail2ban/jail.local
bantime = 1h
findtime = 1h
maxretry = 5
sudo cp -v /etc/fail2ban/jail.d/00-firewalld.conf /etc/fail2ban/jail.d/00-firewalld.local
sudo nvim /etc/fail2ban/jail.d/sshd.local
[sshd]
enabled = true
bantime = 1d
maxretry = 3
sudo systemctl restart fail2ban.service
sudo fail2ban-client status
Configure fail2ban on FreeBSD with PF
sudo pkg install -y py311-fail2ban
Edit /usr/local/etc/fail2ban/jail.local
.
[DEFAULT]
bantime = 86400
findtime = 3600
maxretry = 3
banaction = pf
[sshd]
enabled = true
Enable and start fail2ban.
sudo sysrc fail2ban_enable="YES"
sudo service fail2ban start
# If not enabled already:
sudo sysrc pf_enable="YES"
sudo service pf start
Configure /etc/pf.conf
.
table <fail2ban> persist
set skip on lo0
block in all
block in quick from <fail2ban>
...
Check and reload PF rules.
sudo pfctl -nf /etc/pf.conf
sudo pfctl -f /etc/pf.conf