[操作疑難] 【求救】fail2ban 問題

唔知點解 BAN 唔到 IP,  設定左 maxretry = 5 次, 自己試過不停access個網都無BAN我.
有無高手知問題所在? THX

設定
[http-get-dos]
enabled = true
port = http
filter = http-get-dos
logpath = /var/log/dos.log
maxretry = 5
findtime = 120
bantime = 600
action = iptables[name=HTTP, port=http, protocol=tcp]

fail2ban.log 文件都無顯示有問題

2018-07-07 15:48:21,116 fail2ban.server       [11701]: INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.9.6
2018-07-07 15:48:21,118 fail2ban.database    [11701]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2018-07-07 15:48:21,121 fail2ban.jail          [11701]: INFO Creating new jail 'http-get-dos'
2018-07-07 15:48:21,146 fail2ban.jail          [11701]: INFO Jail 'http-get-dos' uses pyinotify {}
2018-07-07 15:48:21,174 fail2ban.jail          [11701]: INFO Initiated 'pyinotify' backend
2018-07-07 15:48:21,177 fail2ban.filter       [11701]: INFO Added logfile = /var/log/dos.log
2018-07-07 15:48:21,178 fail2ban.filter       [11701]: INFO Set maxRetry = 5
2018-07-07 15:48:21,179 fail2ban.filter       [11701]: INFO Set jail log file encoding to UTF-8
2018-07-07 15:48:21,179 fail2ban.actions       [11701]: INFO Set banTime = 600
2018-07-07 15:48:21,180 fail2ban.filter       [11701]: INFO Set findtime = 120
2018-07-07 15:48:21,195 fail2ban.jail          [11701]: INFO Jail 'http-get-dos' started

0

0

wsoft2002

中級會員

Rank: 2 Rank: 2

2^#

發表於 2018-7-28 18:02 | 只看該作者

check

1. iptable 是否安裝及正常
2. 個 dos.log 記唔記錄到
3. fail2ban 條 filter rules 夾唔夾 log.file

via HKEPC Reader for Android

TOP

KinChungE

長老會員

Rank: 5 Rank: 5 Rank: 5 Rank: 5 Rank: 5

3^#

發表於 2018-7-30 16:59 | 只看該作者

fail2ban只係authentication fail先有效
正常access係幾多次都照俾過

除非你整http authentication, 否則冇用

TOP

takayo72 發短消息加為好友 takayo72 當前離線路人甲 UID 307575 帖子 13502 精華 1 積分 7770 EPC Dollar 7770 註冊時間 2014-9-30 最後登錄 2026-6-1 Banned	4^# 發表於 2018-7-30 17:30 \| 只看該作者提示: 作者被禁止或刪除內容自動屏蔽

	TOP

[操作疑難] 【求救】fail2ban 問題

[收藏此主題] [關注此主題的新回覆]

[通過 QQ、MSN 分享給朋友]