2012년 9월 9일 일요일

fail2ban install with CentOS

[ manual install ]

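# Work in the conventional local source directory
# (the original "/use/local/src/" was a typo for "/usr/local/src/").
cd /usr/local/src/

# The tarball is assumed to be already downloaded into this directory.
# setup.py runs as root below, so first compare the archive's checksum or
# signature with the value published by the fail2ban project,
# e.g. sha256sum fail2ban-0.8.14.tar.bz2
tar xvfj fail2ban-0.8.14.tar.bz2
cd fail2ban-0.8.14
sudo python setup.py install

# The remaining steps write under /etc, so run them as root (or prefix with sudo).
# Install the Red Hat style init script shipped in the source tree,
# make it executable, and register it to start at boot.
cp files/redhat-initd /etc/init.d/fail2ban
chmod 755 /etc/init.d/fail2ban
chkconfig --add fail2ban && chkconfig fail2ban on

# Keep site changes in jail.local: fail2ban reads it after jail.conf, so its
# settings take precedence and jail.conf stays as the untouched reference copy.
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

vi /etc/fail2ban/jail.local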

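[DEFAULT]
# Space-separated addresses/networks that are never banned.
# NAT allow.
# The note above must sit on its own line: fail2ban's stock jail.conf documents
# "#" for comment lines and only ";" (after a space) for inline comments, so a
# trailing "# NAT allow" would be read as extra ignoreip entries.
# Every entry here is exempt from all jails, so keep the list to hosts you control.
# 8.8.8.8 is a public DNS resolver address, presumably a stand-in for your own
# NAT egress address -- replace it before use.
ignoreip = 127.0.0.1/8 192.168.0.0/24 8.8.8.8

# Both values are in seconds: bantime 360000 s = 100 hours,
# findtime 6000 s = 100 minutes (the window in which failures are counted).
bantime = 360000
findtime = 6000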

[ssh-iptables]
# Jail for failed SSH logins: matches log lines with the sshd filter, then bans
# the source address with iptables and mails a report.

enabled  = true
filter   = sshd
# Two actions are listed; the indented second line continues the action value.
# dest and sender are example.com placeholders -- set real addresses, otherwise
# ban notices never reach an operator.
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
# Log file the filter is applied to.
# NOTE(review): confirm sshd authentication messages are written here on your host.
logpath  = /var/log/secure
# Number of failures from one address within findtime that triggers a ban.
maxretry = 5

# Restart so the edited jail.local is loaded.
service fail2ban restart

# Presumably a check that fail2ban created its runtime files under /var/run.
# "fail2ban-client status" additionally lists the jails that actually loaded.
sudo ls /var/run


[ yum install ]
/etc/yum.repos.d/CentOS-Base.repo 에 아래의 내용을 추가 후

[dag]
# Third-party repository. gpgcheck=1 makes yum verify package signatures, but
# baseurl and gpgkey below both use plain http://, so the signing key itself is
# fetched without authentication. Check the key fingerprint through a separate
# trusted channel before accepting the import, and use an https:// mirror if
# the repository offers one.
name=Dag RPM Repostory for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

[kbs-CentOS-Misc]
# Third-party repository. Package signatures are checked (gpgcheck=1), but the
# gpgkey and baseurl are plain http://, so confirm the key fingerprint out of
# band before trusting it.
# enabled=1 makes this repository a candidate source for every yum transaction,
# not only for installing fail2ban.
name=CentOS.Karan.Org-EL$releasever - Stable
gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
gpgcheck=1
enabled=1
baseurl=http://centos.karan.org/el$releasever/misc/stable/$basearch/RPMS/

# Installs the packaged fail2ban; relies on the repository definitions added above.
# yum asks before importing a repository GPG key on first use -- compare the
# fingerprint it shows with one obtained from a trusted source.
yum install fail2ban

# Keep site changes in jail.local rather than editing the packaged jail.conf.
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
vi /etc/fail2ban/jail.local

# Restart so the edited jail.local is loaded.
service fail2ban restart

# Presumably a check that fail2ban created its runtime files under /var/run.
sudo ls /var/run

[ restart sequence ]
# Order matters: fail2ban is stopped before the firewall rules are saved.
# Presumably this keeps fail2ban's dynamically added chains and bans out of the
# persisted ruleset -- verify on your host.
/etc/init.d/fail2ban stop
/etc/init.d/iptables save
/etc/init.d/iptables restart
# Started last, after iptables has been restarted with the saved rules.
/etc/init.d/fail2ban start