HOWTO: Fail2Ban

Question

HOWTO: Fail2Ban

p3x-robot opened this issue 7 years ago · comments

Fail2Ban is not easy, but can be done cooly!

Right now, I use git but you can download the latest as well.

opkg install git git-http bash ca-bundle ca-certificates python  
 
cd /opt 
git clone https://github.com/fail2ban/fail2ban.git 
cd fail2ban 
mkdir -p /opt/log
mkdir -p /opt/run/fail2ban
mkdir -p /opt/lib/fail2ban/
cp /opt/fail2ban/config/jail.conf /opt/fail2ban/config/jail.local
cp /opt/fail2ban/config/fail2ban.conf /opt/fail2ban/config/fail2ban.local

Required modification for `fail2ban.local`

logtarget = /opt/log/fail2ban.log
socket = /opt/run/fail2ban/fail2ban.sock
pidfile = /opt/run/fail2ban/fail2ban.pid
dbfile = /opt/lib/fail2ban/fail2ban.sqlite3

Setup

There will be an info that /etc/fail2ban is not writable, but it is not a problems

cd /opt/fail2ban 
setup.py install

Init script `/opt/etc/init.d/fail2ban`

#!/usr/bin/env bash
/opt/bin/python /opt/fail2ban/bin/fail2ban-server -c /opt/fail2ban/config/ $1

Startup command in like DDWRT

/opt/etc/init.d/fail2ban start

Shutdown command in like DDWRT command

/opt/etc/init.d/fail2ban stop

by Patrik aka p3x-robot / p3x / corifeus

Andrey Sechin · Answer 1 · Mon Dec 18 2017 01:28:51 GMT+0800 (China Standard Time)

May be you will add this to wiki?

HOWTO: Fail2Ban

Fail2Ban is not easy, but can be done cooly!

Required modification for fail2ban.local

Setup

Init script /opt/etc/init.d/fail2ban

Startup command in like DDWRT

Shutdown command in like DDWRT command

Required modification for `fail2ban.local`

Init script `/opt/etc/init.d/fail2ban`