Fail2Ban intrusion detection
Fail2Ban v1.1.0 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:Star2BarryN/fail2ban && cd $_ - Create Badge
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| f2b-restart.conf | 0000000163 163 Bytes | |
| fail2ban-0.10.4-env-script-interpreter.patch | 0000000604 604 Bytes | |
| fail2ban-1.1.0.tar.gz | 0000603854 590 KB | |
| fail2ban-1.1.0.tar.gz.asc | 0000000488 488 Bytes | |
| fail2ban-disable-iptables-w-option.patch | 0000000855 855 Bytes | |
| fail2ban-force-python3.6.patch | 0000001336 1.3 KB | |
| fail2ban-opensuse-service-sfw.patch | 0000000750 750 Bytes | |
| fail2ban-opensuse-service.patch | 0000001352 1.32 KB | |
| fail2ban-rpmlintrc | 0000000210 210 Bytes | |
| fail2ban.logrotate | 0000000232 232 Bytes | |
| fail2ban.spec | 0000074911 73.2 KB | |
| fail2ban.sysconfig | 0000000200 200 Bytes | |
| fail2ban.tmpfiles | 0000000031 31 Bytes | |
| paths-opensuse.conf | 0000000975 975 Bytes | |
| sfw-fail2ban.conf | 0000000217 217 Bytes |
Comments 1
FAIL2BAN-CLIENT(1) User Commands FAIL2BAN-CLIENT(1) NAME fail2ban-client - configure and control the server SYNOPSIS fail2ban-client [OPTIONS] <COMMAND> DESCRIPTION Fail2Ban v1.1.0 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules. OPTIONS -c, --conf <DIR> configuration directory -s, --socket <FILE> socket path -p, --pidfile <FILE> pidfile path --pname <NAME> name of the process (main thread) to identify instance (default fail2ban-server) --loglevel <LEVEL> logging level --logtarget <TARGET> logging target, use file-name or stdout, stderr, syslog or sysout. --syslogsocket auto|<FILE> -d dump configuration. For debugging --dp, --dump-pretty dump the configuration using more human readable representation -t, --test test configuration (can be also specified with start parameters) -i interactive mode -v increase verbosity -q decrease verbosity -x force execution of the server (remove socket file) -b start server in background (default) -f start server in foreground --async start server in async mode (for internal usage only, don't read configuration) --timeout timeout to wait for the server (for internal usage only, don't read configuration) --str2sec <STRING> convert time abbreviation format to seconds -h, --help display this help message -V, --version print the version (-V returns machine-readable short format) COMMAND BASIC start starts the server and the jails restart restarts the server restart [--unban] [--if-exists] <JAIL> restarts the jail <JAIL> (alias for 'reload --restart ... <JAIL>') reload [--restart] [--unban] [--all] reloads the configuration without restarting of the server, the option '--restart' activates completely restarting of affected jails, thereby can unban IP addresses (if option '--unban' spec- ified) reload [--restart] [--unban] [--if-exists] <JAIL> reloads the jail <JAIL>, or restarts it (if option '--restart' specified) stop stops all jails and terminate the server unban --all unbans all IP addresses (in all jails and database) unban <IP> ... <IP> unbans <IP> (in all jails and database) banned return jails with banned IPs as dictionary banned <IP> ... <IP>] return list(s) of jails where given IP(s) are banned status gets the current status of the server status --all [FLAVOR] gets the current status of all jails, with optional flavor or extended info stat[istic]s gets the current statistics of all jails as table ping tests if the server is alive echo for internal usage, returns back and outputs a given string help return this output version return the server version LOGGING set loglevel <LEVEL> sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARN- ING, NOTICE, INFO, DEBUG, TRACEDEBUG, HEAVYDEBUG or correspond- ing numeric value (50-5) get loglevel gets the logging level set logtarget <TARGET> sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG, SYSTEMD-JOURNAL or a file get logtarget gets logging target set syslogsocket auto|<SOCKET> sets the syslog socket path to auto or <SOCKET>. Only used if logtarget is SYSLOG get syslogsocket gets syslog socket path flushlogs flushes the logtarget if a file and reopens it. For log rota- tion. DATABASE set dbfile <FILE> set the location of fail2ban persistent datastore. Set to "None" to disable get dbfile get the location of fail2ban persistent datastore set dbmaxmatches <INT> sets the max number of matches stored in database per ticket get dbmaxmatches gets the max number of matches stored in database per ticket set dbpurgeage <SECONDS> sets the max age in <SECONDS> that history of bans will be kept get dbpurgeage gets the max age in seconds that history of bans will be kept JAIL CONTROL add <JAIL> <BACKEND> creates <JAIL> using <BACKEND> start <JAIL> starts the jail <JAIL> stop <JAIL> stops the jail <JAIL>. The jail is removed status <JAIL> [FLAVOR] gets the current status of <JAIL>, with optional flavor or ex- tended info JAIL CONFIGURATION set <JAIL> idle on|off sets the idle state of <JAIL> set <JAIL> ignoreself true|false allows the ignoring of own IP addresses set <JAIL> addignoreip <IP> adds <IP> to the ignore list of <JAIL> set <JAIL> delignoreip <IP> removes <IP> from the ignore list of <JAIL> set <JAIL> ignorecommand <VALUE> sets ignorecommand of <JAIL> set <JAIL> ignorecache <VALUE> sets ignorecache of <JAIL> set <JAIL> addlogpath <FILE> ['tail'] adds <FILE> to the monitoring list of <JAIL>, optionally start- ing at the 'tail' of the file (default 'head'). set <JAIL> dellogpath <FILE> removes <FILE> from the monitoring list of <JAIL> set <JAIL> logencoding <ENCODING> sets the <ENCODING> of the log files for <JAIL> set <JAIL> addjournalmatch <MATCH> adds <MATCH> to the journal filter of <JAIL> set <JAIL> deljournalmatch <MATCH> removes <MATCH> from the journal filter of <JAIL> set <JAIL> addfailregex <REGEX> adds the regular expression <REGEX> which must match failures for <JAIL> set <JAIL> delfailregex <INDEX> removes the regular expression at <INDEX> for failregex set <JAIL> addignoreregex <REGEX> adds the regular expression <REGEX> which should match pattern to exclude for <JAIL> set <JAIL> delignoreregex <INDEX> removes the regular expression at <INDEX> for ignoreregex set <JAIL> findtime <TIME> sets the number of seconds <TIME> for which the filter will look back for <JAIL> set <JAIL> bantime <TIME> sets the number of seconds <TIME> a host will be banned for <JAIL> set <JAIL> datepattern <PATTERN> sets the <PATTERN> used to match date/times for <JAIL> set <JAIL> usedns <VALUE> sets the usedns mode for <JAIL> set <JAIL> attempt <IP> [<failure1> ... <failureN>] manually notify about <IP> failure set <JAIL> banip <IP> ... <IP> manually Ban <IP> for <JAIL> set <JAIL> unbanip [--report-absent] <IP> ... <IP> manually Unban <IP> in <JAIL> set <JAIL> maxretry <RETRY> sets the number of failures <RETRY> before banning the host for <JAIL> set <JAIL> maxmatches <INT> sets the max number of matches stored in memory per ticket in <JAIL> set <JAIL> maxlines <LINES> sets the number of <LINES> to buffer for regex search for <JAIL> set <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>] adds a new action named <ACT> for <JAIL>. Optionally for a Python based action, a <PYTHONFILE> and <JSONKWARGS> can be specified, else will be a Command Action set <JAIL> delaction <ACT> removes the action <ACT> from <JAIL> COMMAND ACTION CONFIGURATION set <JAIL> action <ACT> actionstart <CMD> sets the start command <CMD> of the action <ACT> for <JAIL> set <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of the action <ACT> for <JAIL> set <JAIL> action <ACT> actioncheck <CMD> sets the check command <CMD> of the action <ACT> for <JAIL> set <JAIL> action <ACT> actionban <CMD> sets the ban command <CMD> of the action <ACT> for <JAIL> set <JAIL> action <ACT> actionunban <CMD> sets the unban command <CMD> of the action <ACT> for <JAIL> set <JAIL> action <ACT> timeout <TIMEOUT> sets <TIMEOUT> as the command timeout in seconds for the action <ACT> for <JAIL> GENERAL ACTION CONFIGURATION set <JAIL> action <ACT> <PROPERTY> <VALUE> sets the <VALUE> of <PROPERTY> for the action <ACT> for <JAIL> set <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>] calls the <METHOD> with <JSONKWARGS> for the action <ACT> for <JAIL> JAIL INFORMATION get <JAIL> banned return banned IPs of <JAIL> get <JAIL> banned <IP> ... <IP>] return 1 if IP is banned in <JAIL> otherwise 0, or a list of 1/0 for multiple IPs get <JAIL> logpath gets the list of the monitored files for <JAIL> get <JAIL> logencoding gets the encoding of the log files for <JAIL> get <JAIL> journalmatch gets the journal filter match for <JAIL> get <JAIL> ignoreself gets the current value of the ignoring the own IP addresses get <JAIL> ignoreip gets the list of ignored IP addresses for <JAIL> get <JAIL> ignorecommand gets ignorecommand of <JAIL> get <JAIL> failregex gets the list of regular expressions which matches the failures for <JAIL> get <JAIL> ignoreregex gets the list of regular expressions which matches patterns to ignore for <JAIL> get <JAIL> findtime gets the time for which the filter will look back for failures for <JAIL> get <JAIL> bantime gets the time a host is banned for <JAIL> get <JAIL> datepattern gets the pattern used to match date/times for <JAIL> get <JAIL> usedns gets the usedns setting for <JAIL> get <JAIL> banip [<SEP>|--with-time] gets the list of of banned IP addresses for <JAIL>. Optionally the separator character ('<SEP>', default is space) or the op- tion ' --with-time' (printing the times of ban) may be speci- fied. The IPs are ordered by end of ban. get <JAIL> maxretry gets the number of failures allowed for <JAIL> get <JAIL> maxmatches gets the max number of matches stored in memory per ticket in <JAIL> get <JAIL> maxlines gets the number of lines to buffer for <JAIL> get <JAIL> actions gets a list of actions for <JAIL> COMMAND ACTION INFORMATION get <JAIL> action <ACT> actionstart gets the start command for the action <ACT> for <JAIL> get <JAIL> action <ACT> actionstop gets the stop command for the action <ACT> for <JAIL> get <JAIL> action <ACT> actioncheck gets the check command for the action <ACT> for <JAIL> get <JAIL> action <ACT> actionban gets the ban command for the action <ACT> for <JAIL> get <JAIL> action <ACT> actionunban gets the unban command for the action <ACT> for <JAIL> get <JAIL> action <ACT> timeout gets the command timeout in seconds for the action <ACT> for <JAIL> GENERAL ACTION INFORMATION get <JAIL> actionproperties <ACT> gets a list of properties for the action <ACT> for <JAIL> get <JAIL> actionmethods <ACT> gets a list of methods for the action <ACT> for <JAIL> get <JAIL> action <ACT> <PROPERTY> gets the value of <PROPERTY> for the action <ACT> for <JAIL> FILES /etc/fail2ban/* REPORTING BUGS Report bugs to https://github.com/fail2ban/fail2ban/issues SEE ALSO fail2ban-server(1) jail.conf(5) Fail2Ban v1.1.0 April 2024 FAIL2BAN-CLIENT(1)