我正在尝试使用以下配置fail2ban和.ufwufw.conf/etc/fail2ban/action.d
监狱配置
[app-custom]
enabled = true
maxretry = 1
journalmatch =
backend = polling
logpath = %(log_path)s
findtime = 120
bantime = -1
banaction = ufw[application=$(app), blocktype=reject]
ufw 配置
actionstart =
actionstop =
actioncheck =
actionban = [ -n "<application>" ] && app="app <application>"
ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
actionunban = [ -n "<application>" ] && app="app <application>"
ufw delete <blocktype> from <ip> to <destination> $app
[Init]
# Option: insertpos
# Notes.: The position number in the firewall list to insert the block rule
insertpos = 1
# Option: blocktype
# Notes.: reject or deny
blocktype = reject
# Option: destination
# Notes.: The destination address to block in the ufw rule
destination = any
# Option: application
# Notes.: application from sudo ufw app list
application =
# DEV NOTES:
#
# Author: Guilhem Lettron
# Enhancements: Daniel Black
目前,一切都已正确设置,因为我收到了有关禁止 IP 的 fail2ban 通知,但我在ufw status.
如何fail2ban正确ufw阻止 IP 地址?
谢谢
正如@sebres 在他的评论中指出的那样,
解决方案是删除这部分:
[application=$(app), blocktype=reject]在
banaction = ufw配置监狱之后。现在
ufw阻止所有不需要的 IP 地址。这是踢球者:
我希望这将有所帮助。
?