1 停止iptables并启用firewalld（这一步大部分机器不必要做，
因为大部分机器的初始状态已经是这样了）
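# Stop the legacy iptables service only if it is actually running. iptables.service
# and firewalld both manage the kernel's netfilter rules and must not run together.
# Between this stop and the `systemctl start firewalld` below the host has no packet
# filter at all, so run these steps back to back.
if systemctl is-active --quiet iptables; then
  systemctl stop iptables
fi
# Show whether firewalld is already running (prints "running" / "not running";
# exit status is non-zero when it is not running)
firewall-cmd --state
# Start firewalld now and enable it at boot
systemctl start firewalld
systemctl enable firewalld
# Permanently allow TCP/22 in the public zone. If sshd listens on a different port,
# open that port here instead and use the same value for `port` in the fail2ban jail.
# (A stock public zone usually already allows the ssh service; this is harmless then.)
firewall-cmd --zone=public --add-port=22/tcp --permanent
# Apply the permanent rules to the running configuration
firewall-cmd --reload
# Verify the port is open
firewall-cmd --zone=public --list-ports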
2 安装fail2ban
#CentOS内置源并未包含fail2ban,需要先安装epel源
# fail2ban is not in the stock CentOS repositories; enable EPEL first
yum install -y epel-release
# With EPEL enabled, fail2ban now resolves
yum install -y fail2ban
3 配置fail2ban
# Create/edit the local override file. Keep site settings in jail.local rather than
# editing jail.conf, which a package upgrade can replace; jail.local takes precedence.
vi /etc/fail2ban/jail.local
# Write the following content
[DEFAULT]
# Never ban loopback. Add your own admin / jump-host addresses here (space-separated)
# so a few mistyped passwords cannot lock you out of the box.
ignoreip = 127.0.0.1/8
# How long a ban lasts, in seconds (20 minutes)
bantime = 1200
# Window, in seconds, within which failures are counted
findtime = 300
# Ban after this many failures inside findtime
maxretry = 3
# Ban via firewalld ipsets, which matches firewalld being the active firewall above
banaction = firewallcmd-ipset
# Ban and also e-mail a report with whois output and the matching log lines.
# The mail part relies on the mta / destemail / sender defaults from jail.conf
# (i.e. a working local sendmail) — confirm, or use %(action_)s to only ban.
action = %(action_mwl)s
[sshd]
enabled = true
filter = sshd
# Must match the port sshd actually listens on (and the port opened in firewalld)
port = 22
# Same value as in [DEFAULT] above; this line is redundant and could be dropped
action = %(action_mwl)s
# sshd authentication failures on CentOS/RHEL are written to /var/log/secure.
# NOTE(review): on releases that log only to the journal, `backend = systemd`
# would be needed instead — confirm for the target release.
logpath = /var/log/secure
4 启动fail2ban并加入开机启动
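# Shell comments start with '#', not '//' — a '//…' line pasted into a shell is
# executed as a command and fails with "command not found".
# Restart fail2ban so it loads jail.local
systemctl restart fail2ban
# Start fail2ban at boot
systemctl enable fail2ban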
最后
查看被封的IP
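# Show the sshd jail: failure counters plus the currently banned IP list
fail2ban-client status sshd
# Is the service running? (exit status is non-zero when it is not active)
systemctl status fail2ban
# Is it enabled at boot? Prints "enabled"/"disabled" and exits non-zero when not
# enabled — a direct query instead of grepping the full unit-file listing.
systemctl is-enabled fail2ban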