====== fail2ban ======
===== Установка =====

<code>
yum install fail2ban
systemctl enable fail2ban
</code>

<code>
systemctl status iptables.service
systemctl status firewalld.service
</code>

===== Настройка =====

Конфиги применяются по порядку:
  - /etc/fail2ban/jail.conf
  - /etc/fail2ban/jail.d/*.conf
  - /etc/fail2ban/jail.local
  - /etc/fail2ban/jail.d/*.local

/etc/fail2ban/jail.local
<code>
[DEFAULT]
maxretry = 2
destemail = root@localhost
[sshd]
enabled = true
</code>

<code>
systemctl restart fail2ban
</code>
===== Статус =====

<code>
fail2ban-client status
fail2ban-client status sshd
</code>

{{tag> fail2ban }}