安装fail2ban 0.10以支持IPV6
2023/04/21 17:50:39
官方地址及要求:https://github.com/fail2ban/fail2ban
安装python最新版:
1.安装python3.5可能使用的依赖
yum install openssl-devel bzip2-devel expat-devel gdbm-devel readline-devel sqlite-devel
2.下载python
wget "https://www.python.org/ftp/python/3.5.2/Python-3.5.2.tgz"
3.解压下载好的压缩包
tar -zxvf Python-3.5.2.tgz
4.配置编译
sudo mkdir /usr/local/python3
sudo ./configure --prefix=/usr/local/python3
sudo make
sudo make install
5.备份旧版本python,链接新版本python
ln -s /usr/local/python3/bin/python3 /usr/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3
注意:安装完高版本的python后,最好再安装下其它相关的组件
pip install --upgrade pip//升级本身
pip install pyinotify
pip3 install gamin
pip3 install systemd
--------------------------------------------------------------------------------------
#6.修改yum配置文件
#sudo vi /usr/bin/yum
#将第一行指定的python版本改为python2.7(#!/usr/bin/python 改为 #!/usr/bin/python2.7)
7、安装fail2ban
wget --no-check-certificate https://github.com/fail2ban/fail2ban/archive/0.10.zip
mv 0.10 0.10.zip
unzip 0.10.zip
cd fail2ban-0.10/
python3 setup.py install
cp files/redhat-initd /etc/init.d/fail2ban
service fail2ban start
ln -s /usr/local/python3/bin/fail2ban-client /usr/bin/fail2ban-client
ln -s /usr/local/python3/bin/fail2ban-server /usr/bin/fail2ban-server
ln -s /usr/local/python3/bin/fail2ban-testcases /usr/bin/fail2ban-testcases
ln -s /usr/local/python3/bin/fail2ban-regex /usr/bin/fail2ban-regex
相关配置:
https://github.com/sebres/fail2ban/wiki/Properly-fail2ban-configuration
http://www.jb51.net/article/48591.htm
其它配置:
vi jail.local
destemail = 110@qq.com
sender = fail2ban@localhost
[pam-generic]
enabled = true
[sshd]
enabled = true
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=root, sender=fail2ban@localhost, sendername="Fail2Ban"]
logpath = /var/log/secure
maxretry = 5
bantime = 8640000
[ssh-ddos]
enabled = true
filter = sshd-ddos
action = iptables[name=ssh-ddos, port=ssh,sftp protocol=tcp,udp]
logpath = /var/log/messages
maxretry = 5
bantime = 8640000
[vsftpd-notification]
enabled = true
filter = vsftpd
action = sendmail-whois[name=VSFTPD, dest=110@qq.com]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 8640000
[vsftpd-iptables]
enabled = true
filter = vsftpd
action = iptables[name=VSFTPD, port=ftp, protocol=tcp]
sendmail-whois[name=VSFTPD, dest=110@qq.com]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 8640000
fail2ban-client reload
安装python最新版:
1.安装python3.5可能使用的依赖
yum install openssl-devel bzip2-devel expat-devel gdbm-devel readline-devel sqlite-devel
2.下载python
wget "https://www.python.org/ftp/python/3.5.2/Python-3.5.2.tgz"
3.解压下载好的压缩包
tar -zxvf Python-3.5.2.tgz
4.配置编译
sudo mkdir /usr/local/python3
sudo ./configure --prefix=/usr/local/python3
sudo make
sudo make install
5.备份旧版本python,链接新版本python
ln -s /usr/local/python3/bin/python3 /usr/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3
注意:安装完高版本的python后,最好再安装下其它相关的组件
pip install --upgrade pip//升级本身
pip install pyinotify
pip3 install gamin
pip3 install systemd
--------------------------------------------------------------------------------------
#6.修改yum配置文件
#sudo vi /usr/bin/yum
#将第一行指定的python版本改为python2.7(#!/usr/bin/python 改为 #!/usr/bin/python2.7)
7、安装fail2ban
wget --no-check-certificate https://github.com/fail2ban/fail2ban/archive/0.10.zip
mv 0.10 0.10.zip
unzip 0.10.zip
cd fail2ban-0.10/
python3 setup.py install
cp files/redhat-initd /etc/init.d/fail2ban
service fail2ban start
ln -s /usr/local/python3/bin/fail2ban-client /usr/bin/fail2ban-client
ln -s /usr/local/python3/bin/fail2ban-server /usr/bin/fail2ban-server
ln -s /usr/local/python3/bin/fail2ban-testcases /usr/bin/fail2ban-testcases
ln -s /usr/local/python3/bin/fail2ban-regex /usr/bin/fail2ban-regex
相关配置:
https://github.com/sebres/fail2ban/wiki/Properly-fail2ban-configuration
http://www.jb51.net/article/48591.htm
其它配置:
vi jail.local
destemail = 110@qq.com
sender = fail2ban@localhost
[pam-generic]
enabled = true
[sshd]
enabled = true
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=root, sender=fail2ban@localhost, sendername="Fail2Ban"]
logpath = /var/log/secure
maxretry = 5
bantime = 8640000
[ssh-ddos]
enabled = true
filter = sshd-ddos
action = iptables[name=ssh-ddos, port=ssh,sftp protocol=tcp,udp]
logpath = /var/log/messages
maxretry = 5
bantime = 8640000
[vsftpd-notification]
enabled = true
filter = vsftpd
action = sendmail-whois[name=VSFTPD, dest=110@qq.com]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 8640000
[vsftpd-iptables]
enabled = true
filter = vsftpd
action = iptables[name=VSFTPD, port=ftp, protocol=tcp]
sendmail-whois[name=VSFTPD, dest=110@qq.com]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 8640000
fail2ban-client reload