linux – 让fail2ban向被禁止方发送通知

前端之家收集整理的这篇文章主要介绍了linux – 让fail2ban向被禁止方发送通知前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我在某些CentOS 5和6服务器上配置了 fail2ban,并且只要IP被禁止,它就会向我发送一封带有IP的whois的电子邮件.是否可以将fail2ban配置为还从whois报告向电子邮件发送通知

这是我的jail配置:

# /etc/fail2ban/jail.conf    

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables-allports[name=SSH,protocol=all]
           sendmail-whois[name=SSH,dest=root@mydomain.com,sender=fail2ban]
logpath  = /var/log/secure
maxretry = 3

是否有某种变量我可以把它发送到whois电子邮件

解决方法

看起来有一个与fail2ban一起调用抱怨的动作.请注意抱怨[logpath = / var / log / secure]的行:
# /etc/fail2ban/jail.conf    

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables-allports[name=SSH,sender=fail2ban]
           complain[logpath=/var/log/secure]
logpath  = /var/log/secure
maxretry = 3

添加该行并重新启动fail2ban服务.操作conf文件是/etc/fail2ban/action.d/complain.conf.简短的介绍:

Sends a complaint e-mail to addresses listed in the whois record for an offending IP address.

原文链接:https://www.f2er.com/linux/396549.html

猜你在找的Linux相关文章