Articles:
Specifications:
sudo firewall-cmd --set-log-denied=all
sudo tail /var/log/messages
...
Nov 1 08:00:00 host1 kernel: filter_IN_public_REJECT: IN=eth0 OUT= MAC=xx:xx:xx... SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx ...
sudo firewall-cmd --set-log-denied=off
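Added example (not from the original page): while log-denied is enabled, the kernel lines shown above can be tallied per source address to see which hosts are being rejected most. The function names and the sample log lines are constructed for illustration; only the `filter_IN_public_REJECT` prefix and the `SRC=` field are taken from the log line above.

```shell
#!/bin/sh
# Count firewalld log-denied kernel lines per (log prefix, source address).
# Reads syslog text on stdin; prints "count prefix src", busiest first.
denied_by_source() {
    awk '
    / kernel: / {
        prefix = ""; src = ""
        for (i = 1; i <= NF; i++) {
            # Log prefix such as filter_IN_public_REJECT: (trailing colon dropped)
            if ($i ~ /_(REJECT|DROP):$/) { prefix = $i; sub(/:$/, "", prefix) }
            else if ($i ~ /^SRC=/)       { src = substr($i, 5) }
        }
        # Ignore kernel lines that are not denied-packet records
        if (prefix != "" && src != "") count[prefix " " src]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (documentation address ranges, not real traffic).
sample_log() {
    cat <<'EOF'
Nov  1 08:00:00 host1 kernel: filter_IN_public_REJECT: IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40000 DPT=23
Nov  1 08:00:01 host1 sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 40001 ssh2
Nov  1 08:00:02 host1 kernel: filter_IN_public_REJECT: IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51000 DPT=3389
Nov  1 08:00:03 host1 kernel: filter_IN_public_REJECT: IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40002 DPT=8080
Nov  1 08:00:04 host1 kernel: eth0: link up
Nov  1 08:00:05 host1 kernel: filter_IN_public_REJECT: IN=eth0 OUT= MAC=00:00:00:00:00:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40003 DPT=445
EOF
}

# Real use: sudo cat /var/log/messages | denied_by_source
sample_log | denied_by_source
```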
# help
fail2ban-client
# Check the jail rules: sshd is present
sudo fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: sshd
# Details of the sshd rule
sudo fail2ban-client status sshd
# Unban IPs
sudo fail2ban-client set <jail rule> unbanip <IP addr1> <IP addr2> ...
sudo tail -f /var/log/fail2ban.log
sudo firewall-cmd --list-all --zone=public
...
rich rules:
    rule family="ipv4" source address="xxx.xxx.xxx.xxx" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh