I am following this guide to add a blacklist of banned IPs: https://www.mauromascia.com/en/blog/fail2ban-set-permanent-ban-per-ip/
The first thing I noticed is that the default section in my iptables-multiport.conf refers to f2b-<name>:
actionstart = <iptables> -N f2b-<name>
              <iptables> -A f2b-<name> -j <returntype>
              <iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>
whereas the guide refers to <fail2ban-name>. This may be important. In any case, I created the blacklist file and changed the above by adding a line:
actionstart = <iptables> -N f2b-<name>
              <iptables> -A f2b-<name> -j <returntype>
              <iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>
              cat /etc/fail2ban/ip.blacklist | while read IP; do iptables -I f2b-<name> 1 -s $IP -j DROP; done
However:
carl@example:/etc/fail2ban/action.d# service fail2ban restart
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
carl@example:/etc/fail2ban/action.d# systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: inactive (dead) (Result: exit-code) since Thu 2017-07-06 11:26:09 BST; 6s ago
     Docs: man:fail2ban(1)
  Process: 2504 ExecStop=/usr/bin/fail2ban-client stop (code=exited, status=0/SUCCESS)
  Process: 5997 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
 Main PID: 2205 (code=killed, signal=TERM)

Jul 06 11:26:08 example.com systemd[1]: Failed to start Fail2Ban Service.
Jul 06 11:26:08 example.com systemd[1]: fail2ban.service: Unit entered failed state.
Jul 06 11:26:08 example.com systemd[1]: fail2ban.service: Failed with result 'exit-code'.
Jul 06 11:26:09 example.com systemd[1]: fail2ban.service: Service hold-off time over, scheduling restart.
Jul 06 11:26:09 example.com systemd[1]: Stopped Fail2Ban Service.
Jul 06 11:26:09 example.com systemd[1]: fail2ban.service: Start request repeated too quickly.
Jul 06 11:26:09 example.com systemd[1]: Failed to start Fail2Ban Service.
There is nothing in the fail2ban log, and I have tried both f2b-<name> and fail2ban-<name>.
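The blacklist loop in the actionstart line above passes every line of /etc/fail2ban/ip.blacklist straight to iptables. The following is an added example, not part of the original post or the linked guide, of a loader that skips blank lines and comments and rejects anything that is not an IPv4 address or CIDR range; it prints the iptables commands instead of running them. The function names, the sample file contents and the chain name f2b-sshd are assumptions.

```shell
#!/bin/sh
# Added example: dry-run loader for /etc/fail2ban/ip.blacklist-style files.
# is_ipv4_entry and blacklist_rules are hypothetical helper names.

# Succeed only if $1 is a dotted-quad IPv4 address, optionally with /0-32.
is_ipv4_entry() {
    addr=${1%%/*}
    case $1 in
        */*)
            prefix=${1#*/}
            case $prefix in ''|*[!0-9]*) return 1 ;; esac
            [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] || return 1
            ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print one iptables command per valid entry of file $1 for chain $2.
# Rejected lines go to stderr; nothing is executed.
blacklist_rules() {
    while IFS= read -r line || [ -n "$line" ]; do
        entry=${line%%#*}                              # strip comments
        entry=$(printf '%s' "$entry" | tr -d ' \t\r')  # strip whitespace
        [ -n "$entry" ] || continue
        if is_ipv4_entry "$entry"; then
            printf 'iptables -I %s 1 -s %s -j DROP\n' "$2" "$entry"
        else
            printf 'skipped invalid entry: %s\n' "$entry" >&2
        fi
    done < "$1"
}

# Constructed sample file (documentation address ranges); f2b-sshd is an
# assumed chain name standing in for f2b-<name>.
sample=$(mktemp)
printf '%s\n' '# permanent bans' '192.0.2.10' '198.51.100.0/24  # scanner' \
    '203.0.113.999' 'not-an-ip' '' > "$sample"
blacklist_rules "$sample" 'f2b-sshd'
rm -f "$sample"
```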