mirror of https://github.com/fail2ban/fail2ban
- Fail2ban now support ipfw and ipfwadm
- New options git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/trunk@47 a942ae1a-1317-0410-a47c-b1dcaea8d6050.6
Cyril Jaquier
parent
f1770f937b
commit
11330ff944
19
README
19
README
|
|
@ -9,8 +9,8 @@ Fail2Ban (version 0.1.1) 10/23/2004
|
|||
|
||||
Fail2Ban scans log files like /var/log/pwdfail and bans IP
|
||||
that makes too much password failures. It updates firewall
|
||||
rules to reject the IP address. Currently sshd and iptables
|
||||
are supported. It needs log4py.
|
||||
rules to reject the IP address. Currently sshd, iptables,
|
||||
ipfw and ipfwadm are supported. It needs log4py.
|
||||
|
||||
This is my first Python program. I began learning Python for
|
||||
less than one week so please be understanding ;-) English is
|
||||
|
|
@ -32,10 +32,11 @@ So I search for a script or program that do it. Found
|
|||
nothing :-( So I decide to write mine and to learn Python :-)
|
||||
|
||||
I read the log file (/var/log/pwdfail/current on metalog) and
|
||||
search for line with "Failed password". Then get the ip and
|
||||
if it has already done 3 or more password failure in the last
|
||||
banTime, I ban the ip for banTime using a iptable rule. After
|
||||
banTime, the rule is deleted.
|
||||
search for a given pattern which indicates a login attempt.
|
||||
Then I get the ip and if it has already done 3 or more
|
||||
password failure in the last banTime, I ban the ip for
|
||||
banTime using a iptable rule. After banTime, the rule is
|
||||
deleted.
|
||||
|
||||
Runs on my server and does its job rather well :-) The idea
|
||||
is to make fail2ban usable with most syslog daemons and
|
||||
|
|
@ -77,6 +78,7 @@ options:
|
|||
|
||||
-b start fail2ban in background
|
||||
-d start fail2ban in debug mode
|
||||
-e <INTF> ban IP on the INTF interface
|
||||
-f <FILE> read password failure from FILE
|
||||
-h display this help message
|
||||
-i <IP(s)> IP(s) to ignore
|
||||
|
|
@ -84,7 +86,8 @@ options:
|
|||
-r <VALUE> allow a max of VALUE password failure
|
||||
-t <TIME> ban IP for TIME seconds
|
||||
-v verbose
|
||||
|
||||
-w <FIWA> select the firewall to use. Can be iptables,
|
||||
ipfwadm or ipfw
|
||||
|
||||
Contact:
|
||||
--------
|
||||
|
|
@ -100,7 +103,7 @@ Cyril Jaquier: <lostcontrol@users.sourceforge.net>
|
|||
Thanks:
|
||||
-------
|
||||
|
||||
Kévin Drapel, Marvin Rouge
|
||||
Kévin Drapel, Marvin Rouge, Sireyessire, Robert Edeker
|
||||
|
||||
|
||||
License:
|
||||
|
|
|
|||
Loading…
Reference in New Issue