Professional Documents
Culture Documents
Firewalld Fail2ban
Firewalld Fail2ban
# vim /etc/firewalld/firewalld.conf
DefaultZone=trusted
...
# vim /etc/fail2ban/jail.d/sshd.conf
[DEFAULT]
#Durata del ban
bantime = 3600
#Timeout tentativi
findtime = 600
#Massimo numero di tentativi consentito nel tempo findtime
maxretry = 10
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
- Verifica
# firewall-cmd --get-active-zone
Ripartire da P-FEIMGPROCE