Forked from
713 / Warden / Warden
263 commits behind the upstream repository.
-
Pavel Kácha authoredPavel Kácha authored
README 1.25 KiB
Support scripts for fail2ban
============================
Introduction
------------
Fail2ban is a logfile watcher, which is able to run various actions,
based on too many patterns occured in the log file.
Those helper shell scripts can be used as action to report events to
Warden_.
Dependencies
------------
1. Python packages
warden_filer 3.0+
Usage
-----
* f2ban_spam.sh is meant to be used in cooperation with the default
"postfix" rule.
* f2ban_ssh.sh is meant to be used in cooperation with the default
"ssh" rule.
In the corresponding action following invocation can be used:
actionban = /usr/local/bin/f2ban_XXX.sh <ip> <failures> <time>
Please, edit corresponding paths and Warden names in the corresponding
script preamble and check/edit contents of the IDEA template (e.g. Target IP
address in f2ban_ssh.sh).
Scripts write generated Idea_ events into warden_filer compatible
directory, so you will need to run properly configured (and registered
into Warden server) warden_filer instance, which will take care for
picking up the events and submitting them.
.. _Warden: https://warden.cesnet.cz/
.. _Idea: https://idea.cesnet.cz/
------------------------------------------------------------------------------
Copyright (C) 2017 Cesnet z.s.p.o