docs:tips_n_tricks:fail2ban.html
Table of Contents
fail2ban
Cleanup oversized fail2ban.sqlite3
Test
cp -vip --sparse=always /var/lib/fail2ban/fail2ban.sqlite3 /scratch/root/fail2ban.sqlite3.sparse sqlite3 fail2ban.sqlite3 sqlite3 $PWD/fail2ban.sqlite3 "VACUUM ;" TMPDIR=/scratch/tmp/ sqlite3 $PWD/fail2ban.sqlite3 "VACUUM ;"
Real
systemctl stop fail2ban cd /var/lib/fail2ban TMPDIR=/scratch/tmp/ sqlite3 $PWD/fail2ban.sqlite3 SELECT COUNT(*) FROM bans WHERE timeofban < STRFTIME('%s','2022-03-01'); DELETE FROM bans WHERE timeofban < STRFTIME('%s','2022-03-01') LIMIT 10000; DELETE FROM bans WHERE timeofban < STRFTIME('%s','2022-03-01') LIMIT 10000; DELETE FROM bans WHERE timeofban < STRFTIME('%s','2022-03-01') LIMIT 35000; DELETE FROM bans WHERE timeofban < STRFTIME('%s','2022-03-01') ; ls -lah fail2ban.sqlite3 TMPDIR=/scratch/tmp/ sqlite3 $PWD/fail2ban.sqlite3 "VACUUM ;" && systemctl start fail2ban ls -lah fail2ban.sqlite3
Configuration
vi /etc/fail2ban/jail.d/jail.local systemctl reload fail2ban
Whitelist IPs / IP Ranges
- /etc/fail2ban/jail.d/jail.local
ignoreip = 127.0.0.1 10.0.0.0/8 192.168.0.0/16
Set default bantime, max allowed failures and different values for e.g. dovecot
- /etc/fail2ban/jail.d/jail.local
[DEFAULT] bantime = 1h maxretry = 3 [dovecot] bantime = 24h
docs/tips_n_tricks/fail2ban.html.txt · Last modified: 21.04.2024 23:55 CEST by peter