asif/fail2banUFW
1
0
Fork 0
Code Issues Pull Requests Releases 3 Wiki Activity

Cleaned up markdown

Browse Source
This commit is contained in:
Asif Bacchus 2018-09-29 20:28:48 -06:00
parent dfaaffed37
commit ded42900de
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -82,8 +82,9 @@ updates.
I recommend reviewing the following settings at a minimum for any deployment: I recommend reviewing the following settings at a minimum for any deployment:
#### loglevel #### loglevel
This sets the verbosity of the log output from F2B. The default setting of INFO This sets the verbosity of the log output from F2B. The default setting of INFO
is appropriate for most installs but, you should specify it anyways so you have is appropriate for most installs but, you should specify it anyway so you have
an easy place to change it if you need to do so. an easy place to change it if you need to do so.
```Ini ```Ini
@ -91,6 +92,7 @@ loglevel = INFO
``` ```
#### logtarget #### logtarget
This controls the location of the F2B log file where it logs it's own actions. This controls the location of the F2B log file where it logs it's own actions.
This is NOT the location of the log files it reads for banning! Again, the This is NOT the location of the log files it reads for banning! Again, the
default is appropriate for most installs, but you should specify it in your default is appropriate for most installs, but you should specify it in your
@ -101,6 +103,7 @@ logtarget = /var/log/fail2ban.log
``` ```
#### dbpurgeage #### dbpurgeage
This controls how long F2B keeps a record of systems it has banned for whatever This controls how long F2B keeps a record of systems it has banned for whatever
reason. By default, this is set to one day. I prefer having a one week record reason. By default, this is set to one day. I prefer having a one week record
so I can go back and review as necessary. You can set it to whatever you want, so I can go back and review as necessary. You can set it to whatever you want,
@ -212,6 +215,7 @@ preference since it allows for each jail to be contained in it's own
configuration file which makes debugging and maintaining them much easier. configuration file which makes debugging and maintaining them much easier.
### sshd (/etc/fail2ban/jail.d/ssh.conf) ### sshd (/etc/fail2ban/jail.d/ssh.conf)
I usually just define a basic jail for *sshd* which is the SSH server. You can I usually just define a basic jail for *sshd* which is the SSH server. You can
add additional SSH jails as you wish to this file, but I keep it pretty simple. add additional SSH jails as you wish to this file, but I keep it pretty simple.
One note, I run my SSH server on a non-standard port, so be sure you fill in the One note, I run my SSH server on a non-standard port, so be sure you fill in the
@ -335,7 +339,7 @@ The variables defined in the configuration file are summarized as:
insertpos = 1 insertpos = 1
blocktype = deny blocktype = deny
destination = any destination = any
application = application =
``` ```
So, this rule adds a new rule (*insert*) at position 1 (*insertpos*) which So, this rule adds a new rule (*insert*) at position 1 (*insertpos*) which
@ -355,6 +359,6 @@ automatically for whatever timeframe you specify and then remove that block. So
you don't have to maintain IP block/allow lists manually anymore! you don't have to maintain IP block/allow lists manually anymore!
I hope this helps you in dealing with your server getting bombarded by I hope this helps you in dealing with your server getting bombarded by
irritating scanning-bots. As always, check out my blog at irritating scanning-bots. As always, [check out my blog at
https://mytechiethoughts.com for more solutions like this and feel free to https://mytechiethoughts.com](https://mytechiethoughts.com) for more solutions
contribute comments, suggestions and improvements! like this and feel free to contribute comments, suggestions and improvements!