hyperreal.coffee

Configure fail2ban on Linux with firewalld

```sh
sudo cp -v /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nvim /etc/fail2ban/jail.local
```

```ini
bantime = 1h
findtime = 1h
maxretry = 5
```

```sh
sudo cp -v /etc/fail2ban/jail.d/00-firewalld.conf /etc/fail2ban/jail.d/00-firewalld.local
sudo nvim /etc/fail2ban/jail.d/sshd.local
```

```ini
[sshd]
enabled = true

bantime = 1d
maxretry = 3
```

```sh
sudo systemctl restart fail2ban.service
sudo fail2ban-client status
```

Configure fail2ban on FreeBSD with PF

```sh
sudo pkg install -y py311-fail2ban
```

Edit /usr/local/etc/fail2ban/jail.local.

```ini
[DEFAULT]
bantime = 86400
findtime = 3600
maxretry = 3
banaction = pf

[sshd]
enabled = true
```

Enable and start fail2ban.

```sh
sudo sysrc fail2ban_enable="YES"
sudo service fail2ban start

# If not enabled already:
sudo sysrc pf_enable="YES"
sudo service pf start
```

Configure /etc/pf.conf

```
table <fail2ban> persist

set skip on lo0

block in all
block in quick from <fail2ban>
...
```

Check and reload PF rules.

```sh
sudo pfctl -nf /etc/pf.conf
sudo pfctl -f /etc/pf.conf
```
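How `findtime`, `maxretry` and `bantime` from the two `[sshd]` setups above interact, modelled as an added example (not code from this post or from fail2ban). The log regex is a simplified stand-in for fail2ban's real sshd filter, the ISO timestamps and log lines are constructed, and `to_seconds` and `simulate` are hypothetical names.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
def to_seconds(value):
    """Convert '1h' / '1d' or bare seconds such as '86400' to an int."""
    m = re.fullmatch(r"(\d+)([smhdw]?)", str(value).strip())
    if not m:
        raise ValueError(f"unsupported time value: {value!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

# Simplified stand-in for fail2ban's sshd filter (assumption, not its real failregex).
FAIL_RE = re.compile(r"^(\S+) sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def simulate(lines, findtime, maxretry, bantime):
    """Return [(ip, banned_at, banned_until)] for a chronological list of log lines."""
    window, ban = to_seconds(findtime), timedelta(seconds=to_seconds(bantime))
    failures, banned_until, bans = defaultdict(deque), {}, []
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ts, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        if ts < banned_until.get(ip, datetime.min):
            continue  # still banned: the firewall would have dropped this
        q = failures[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window:
            q.popleft()  # forget failures older than findtime
        if len(q) >= maxretry:
            banned_until[ip] = ts + ban
            bans.append((ip, ts, ts + ban))
            q.clear()
    return bans

# Constructed sample lines (documentation IP ranges, ISO timestamps for simplicity).
SAMPLE_LOG = [
    "2024-05-01T08:00:00 sshd[801]: Failed password for root from 198.51.100.9 port 50001 ssh2",
    "2024-05-01T09:30:00 sshd[802]: Failed password for root from 198.51.100.9 port 50002 ssh2",
    "2024-05-01T10:00:00 sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2",
    "2024-05-01T10:20:00 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2",
    "2024-05-01T10:25:00 sshd[813]: Accepted publickey for alice from 192.0.2.10 port 51515 ssh2",
    "2024-05-01T10:50:00 sshd[814]: Failed password for root from 203.0.113.7 port 40177 ssh2",
    "2024-05-01T11:00:00 sshd[815]: Failed password for root from 198.51.100.9 port 50003 ssh2",
]
if __name__ == "__main__":
    for ip, start, end in simulate(SAMPLE_LOG, findtime="1h", maxretry=3, bantime="1d"):
        print(f"ban {ip} from {start.isoformat()} until {end.isoformat()}")
```

With the values used in both sections (one hour `findtime`, three retries, one day `bantime`), only the address with three failures inside an hour is banned; widening `findtime` is what brings the slower source into scope.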
