scripts/install_fail2ban at main · ipraptor/scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/bash

# Получение адреса для внесения в исключения
read -p "Please write IP for create exclusion for fail2ban  --- " -r IPEXCLUSION

# Установка пакетов
if [ -e '/etc/redhat-release' ]; then
### RHEL ПОДОБНАЯ ОС
while ps uxaww | egrep '^yum|^dnf'; do echo 'waiting...'; sleep 3; done
yum -y update
sudo yum install epel-release -y
sudo yum install fail2ban -y
systemctl enable fail2ban
systemctl start fail2ban
# Создание файла конфигурации по умолчанию
sudo tee -a /etc/fail2ban/jail.d/default.conf <<EOL
[DEFAULT]
maxretry = 4
findtime = 480
bantime = 720
action = firewallcmd-ipset
ignoreip = ${IPEXCLUSION}
EOL
sudo tee -a /etc/fail2ban/jail.d/service.conf <<EOL
[ssh]
enabled = true
port = ssh
filter = sshd
action = firewallcmd-new[name=sshd, port=ssh, protocol=tcp]
backend = systemd #логи в системд
maxretry = 5
bantime = 86400 #сутки
EOL
else
### DEBIAN подобная ОС
while ps uxaww | egrep '^apt|^apt-get|^dpkg'; do echo 'waiting...'; sleep 3; done
export DEBIAN_FRONTEND='noninteractive'
apt-get update && apt-get -y upgrade
systemctl enable fail2ban
systemctl start fail2ban
# Создание файла конфигурации по умолчанию
sudo tee -a /etc/fail2ban/jail.d/default.conf <<EOL
[DEFAULT]
maxretry = 4
findtime = 480
bantime = 720
action = iptables
ignoreip = ${IPEXCLUSION}
EOL
sudo tee -a /etc/fail2ban/jail.d/service.conf <<EOL
[ssh]
enabled = true
port = ssh
filter = sshd
action = firewallcmd-new[name=sshd, port=ssh, protocol=tcp]
logpath = /var/log/auth.log
maxretry = 5
bantime = 86400 #сутки
EOL
fi
# Перезапуск службы fail2ban
sudo systemctl restart fail2ban
echo "Fail2Ban has been successfully installed and configured to filter the SSH protocol."