{"id":168,"date":"2024-02-24T16:21:32","date_gmt":"2024-02-24T08:21:32","guid":{"rendered":"https:\/\/669082.xyz\/?p=168"},"modified":"2024-02-24T16:21:32","modified_gmt":"2024-02-24T08:21:32","slug":"centos7%e5%88%a9%e7%94%a8fail2ban%e9%98%b2%e6%ad%a2ssh%e8%a2%ab%e7%88%86%e7%a0%b4","status":"publish","type":"post","link":"https:\/\/669082.xyz\/index.php\/2024\/02\/24\/centos7%e5%88%a9%e7%94%a8fail2ban%e9%98%b2%e6%ad%a2ssh%e8%a2%ab%e7%88%86%e7%a0%b4\/","title":{"rendered":"centos7\u5229\u7528fail2ban\u9632\u6b62ssh\u88ab\u7206\u7834"},"content":{"rendered":"
1 \u505c\u6b62iptables\u5e76\u542f\u7528firewall \u8fd9\u4e00\u6b65\u5927\u90e8\u5206\u673a\u5668\u4e0d\u5fc5\u8981\u505a<\/h5>\n

\u5927\u90e8\u5206\u673a\u5668\u521d\u59cb\u72b6\u6001\u5df2\u7ecf\u662f\u8fd9\u6837\u4e86<\/p>\n

#\u5982\u679c\u60a8\u5df2\u7ecf\u5b89\u88c5iptables\u5efa\u8bae\u5148\u5173\u95ed\nservice iptables stop\n#\u67e5\u770bFirewalld\u72b6\u6001\nfirewall-cmd --state\n#\u542f\u52a8firewalld\nsystemctl start firewalld\n#\u8bbe\u7f6e\u5f00\u673a\u542f\u52a8\nsystemctl enable firewalld.service\n#\u653e\u884c22\u7aef\u53e3\nfirewall-cmd --zone=public --add-port=22\/tcp --permanent\n#\u91cd\u8f7d\u914d\u7f6e\nfirewall-cmd --reload\n#\u67e5\u770b\u5df2\u653e\u884c\u7aef\u53e3\nfirewall-cmd --zone=public --list-ports<\/code><\/pre>\n
2 \u5b89\u88c5fail2ban<\/h5>\n
#CentOS\u5185\u7f6e\u6e90\u5e76\u672a\u5305\u542bfail2ban\uff0c\u9700\u8981\u5148\u5b89\u88c5epel\u6e90\nyum -y install epel-release\n#\u5b89\u88c5fial2ban\nyum -y install fail2ban<\/code><\/pre>\n
3 \u914d\u7f6efail2ban<\/h5>\n
vi \/etc\/fail2ban\/jail.local\n\n#\u5199\u5165\u4ee5\u4e0b\u5185\u5bb9\n[DEFAULT]\nignoreip = 127.0.0.1\/8\nbantime  = 1200\nfindtime = 300\nmaxretry = 3\nbanaction = firewallcmd-ipset\naction = %(action_mwl)s\n\n[sshd]\nenabled = true\nfilter  = sshd\nport    = 22\naction = %(action_mwl)s\nlogpath = \/var\/log\/secure<\/code><\/pre>\n
4 \u542f\u52a8 \u5e76\u52a0\u5165\u5f00\u673a\u542f\u52a8<\/h5>\n
\/\/\u91cd\u542ffail2ban\nsystemctl restart fail2ban\n\/\/\u5f00\u673a\u542f\u52a8\nsystemctl enable fail2ban<\/code><\/pre>\n
\u6700\u540e<\/h5>\n
\u67e5\u770b\u88ab\u5c01\u7684IP\nfail2ban-client status sshd\n\n#\u68c0\u6d4b\u662f\u5426\u5728\u8fd0\u884c\nsystemctl status fail2ban\n\n#\u68c0\u6d4b\u662f\u5426\u5f00\u673a\u542f\u52a8\nsystemctl list-unit-files | grep fail2ban<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
1 \u505c\u6b62iptables\u5e76\u542f\u7528firewall \u8fd9\u4e00\u6b65\u5927\u90e8\u5206\u673a\u5668\u4e0d\u5fc5\u8981\u505a \u5927\u90e8\u5206\u673a\u5668\u521d\u59cb\u72b6\u6001\u5df2\u7ecf\u662f\u8fd9 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-168","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/posts\/168","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/comments?post=168"}],"version-history":[{"count":1,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/posts\/168\/revisions"}],"predecessor-version":[{"id":169,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/posts\/168\/revisions\/169"}],"wp:attachment":[{"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/media?parent=168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/categories?post=168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/669082.xyz\/index.php\/wp-json\/wp\/v2\/tags?post=168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}