Send notification to telegram when fail2ban ban an IP address and unband an IP address
- openssh
- vsftpd
- fail2ban
- curl
- telegram bot api
$ sudo apt install vsftpd fail2ban ssh-server
-
Create a copy of jail.conf
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local. -
Create ban rules in jail.local
ignoreip = 127.0.0.1/8 192.168.1.101
bantime = 3600
findtime = 120
maxretry = 3 -
Protect vsftpd with fail2ban. Make chage to [vsftpd] section in jail.local enabled = true
filter = vsftpd
action =
iptables[name=VSFTPD, port=21, protocol=tcp]
telegram -
If you want to protect SSH with fail2ban add this to [sshd]
enabled = true
filter = sshd
maxretry = 3
logpath = /var/log/auth.log
action =
iptables[name=SSH, port=22, protocol=tcp]
telegram -
Make script directory to place our shell script
sudo mkdir /etc/fail2ban/scripts/
in the following directory addfail2ban-telegram.sh -
Copy telegram.conf to
/etc/fail2ban/action.d/directory
cp telegram.conf /etc/fail2ban/action.d/ -
Edit fail2ban-telegram.sh and replace the
apiTokenandchatIdwith your api. You must create telegram bot first and get the api key here
systemctl start ssh-server
systemctl start vsftpd
systemctl start fail2ban
