作用

防止爆破

安装

yum install fail2ban

apt install fail2ban

安装后目录是

/etc/fail2ban

建议覆盖配置

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

编辑jail.local

比如配置ssh防护,更改过ssh端口19999

[sshd]
enabled = true
port = ssh,19999
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
bantime = 600

修改后

systemctl restart fail2ban

就可以查看状态了

fail2ban-client status
fail2ban-client status sshd

解封IP

fail2ban-client set sshd unbanip ip地址
Last modification:August 7, 2025
© Allow specification reprint
如果觉得我的文章对你有用,请随意赞赏