lttliang

可否举例写个例子出来？因为我vps中的freepbx刚装好个日就有人入侵，我都装左个fail2ban，但不懂setting

lttliang

回復 8# 雯雯


  这个我有睇过  但是不太明白，因为我一装好fail2ban 目录中就有/etc/fail2ban/filter.d/asterisk.conf了

1. # Fail2Ban configuration file
   
2. #
   
3. #
   
4. # $Revision: 250 $
   
5. #
   
6. 
   
7. [INCLUDES]
   
8. 
   
9. # Read common prefixes. If any customizations available -- read them from
   
10. # common.local
    
11. #before = common.conf
    
12. 
    
13. 
    
14. [Definition]
    
15. 
    
16. #_daemon = asterisk
    
17. 
    
18. # Option:  failregex
    
19. # Notes.:  regex to match the password failures messages in the logfile. The
    
20. #          host must be matched by a group named "host". The tag "<HOST>" can
    
21. #          be used for standard IP/hostname matching and is only an alias for
    
22. #          (?:::f{4,6}:)?(?P<host>\S+)
    
23. # Values:  TEXT
    
24. #
    
25. 
    
26. failregex = Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Wrong password
    
27.             Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - No matching peer found
    
28.             Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Device does not match ACL
    
29.             Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Username/auth name mismatch
    
30.             Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Peer is not supposed to register
    
31.             NOTICE.* <HOST> failed to authenticate as '.*'$
    
32.             NOTICE.* .*: No registration for peer '.*' (from <HOST>)
    
33.             NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
    
34.             VERBOSE.* logger.c: -- .*IP/<HOST>-.* Playing 'ss-noservice' (language '.*')
    
35. 
    
36. # Option:  ignoreregex
    
37. # Notes.:  regex to ignore. If this regex matches, the line is ignored.
    
38. # Values:  TEXT
    
39. #
    
40. ignoreregex =

複製代碼