fail2ban configuration-jail config

Discussion in 'Linux Beginners' started by Divya.p, Apr 19, 2023.

  1. Divya.p

    Divya.p New Member

    Hi There,

    Kindly advise on the below scenario.

    Server is Linux server. If an IP tries 3 time to connect a particular services and it reban 3 times. After that, this particular IP should get permanently ban.

    Is there any script or any steps available for this scenario.
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Yes, fail2ban does the banning. Only for ssh by default, but you can add services fail2ban monitors.
    When you want longer bans for repeat offenders, use fail2ban recidive jail.
     
  3. Divya.p

    Divya.p New Member

    I have configured below methods in jail.local:
    [service]
    enable = true
    port = service port no
    port = ftp
    filter =
    logpath = /var/log/auth.log
    maxretry = 3
    bantime = 3600 [seconds] or required time

    If an IP tries 3 time to connect a particular services and it reban 3 times. After that, this particular IP should get permanently ban.
    Is there any script or any steps available for this scenario.

    How to configure jail.conf ?please guide me
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    How could I? You wrote it is Linux server, but which Linux? Red Hat? Ubuntu?
    What fail2ban documentation have you already read, so I not repeat unnecessarily information you already know.
     

Share This Page