From 0b75a5ca9c3746e151ed4cf7d4595fa848f778e2 Mon Sep 17 00:00:00 2001 From: Asif Bacchus Date: Tue, 21 May 2019 05:21:20 -0600 Subject: [PATCH] Update page '1. Installing Fail2Ban' --- 1.-Installing-Fail2Ban.md | 50 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 1.-Installing-Fail2Ban.md diff --git a/1.-Installing-Fail2Ban.md b/1.-Installing-Fail2Ban.md new file mode 100644 index 0000000..4d0bd94 --- /dev/null +++ b/1.-Installing-Fail2Ban.md @@ -0,0 +1,50 @@ +Installing an up-to-date Fail2Ban (Debian/Ubuntu) + +The F2B version available via apt for Debian/Ubuntu is old and does *not* support IP6 (as at the time of this document being written). So let's grab a newer version from the source at github. + +*Note: Only versions 0.10+ offer IP6 support.* + +- Switch to your home directory or somewhere you can work with downloaded files. +- Get the latest version of Fail2Ban, switch to the created directory and install it using the python installer script. + + ```Bash + # get latest fail2ban version + git clone https://github.com/fail2ban/fail2ban.git + # change to the newly created directory containing f2b + cd fail2ban + # run the installer + sudo python setup.py install + ``` + +- Let's test the installation by running fail2ban-client. If it displays the help screen, then things are probably set up properly. + + ```Bash + fail2ban-client -h + ``` + +- Now, let's configure systemd to load fail2ban automatically on system start-up. + + ```Bash + # copy the service file to the correct location + sudo cp files/debian-initd /etc/init.d/fail2ban + # tell systemd to refresh itself to recognize the new service + sudo update-rc.d fail2ban defaults + ``` + +- Let's go ahead and start the service to make sure it doesn't run into any problems. You should not see any errors reported and should have a pleasant 'green dot' showing up. +- *--full --no-pager* means display everything and wrap output so it isn't cut off and we can actually read it! + + ```Bash + # start the service + sudo systemctl start fail2ban.service + # check it's status for any errors + sudo systemctl --full --no-pager status fail2ban.service + ``` + +- One more test just to be sure everything is set up. You should see f2b report it's version without any errors being generated. + + ```Bash + fail2ban-client version + ``` + +That's it! Fail2Ban is set up and running on your system. Now we have to apply our configuration. \ No newline at end of file