-
Notifications
You must be signed in to change notification settings - Fork 0
/
installf2b.sh
35 lines (32 loc) · 705 Bytes
/
installf2b.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#!/bin/bash
### 安装并设置fail2ban
##
apt update
apt-get -y install fail2ban iptables
echo
read -p "Input SSH port:" sshport
read -p "Ignore IP:" inputip
ignoreip=$( ping -q -c 1 $inputip 2>/dev/null | grep PING | sed -e "s/).*//" | sed -e "s/.*(//" )
echo
cat << EOF > /etc/fail2ban/jail.local
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 $ignoreip
bantime = -1
findtime = 60m
maxretry = 4
backend = systemd
[sshd]
enabled = true
port = ssh,$sshport
logpath = %(sshd_log)s
backend = %(sshd_backend)s
EOF
sleep 1
systemctl enable fail2ban
sleep 1
systemctl restart fail2ban
sleep 2
fail2ban-client status sshd
echo "Fail2ban User config file path: /etc/fail2ban/jail.local"
echo
### The End ###