Professional Documents
Culture Documents
Failban Cccam
Failban Cccam
Cccam protection
OS: Debian
CCcam version: 2.1.2+
Edit /etc/fail2ban/jail.conf
Type:
vim /etc/fail2ban/jail.conf
& press [Enter]
... press [Insert], scroll to the bottom with [↓] or [Page Down] and add the following:
# port
# port that Cccam uses.
#
# logpath
# location of Cccam-debug file, like:
# /var/log/daemon.log
# or
# /var/emu/cccam/log/warnings.txt
# or...
# enable debug-mode & define debug-file name and location
# in Cccam.cfg file.
#
# bantime:
# define banning-time in seconds (1800 secs = 30 mins)
[cccam_signaturefailed]
enabled = true
port = 12000
filter = cccam-signature
logpath = /var/log/daemon.log
bantime = 1800
maxretry = 10
[cccam_badcommand]
enabled = true
port = 12000
filter = cccam-command
logpath = /var/log/daemon.log
bantime = 1800
maxretry = 10
[cccam_doublelogin]
enabled = true
port = 12000
filter = cccam-login
logpath = /var/log/daemon.log
bantime = 1800
maxretry = 10
http://www.exyuteam.org
Adding the three filter-files at /etc/fail2ban/filter.d/
# failregex
# The host must match the failure messages in the
# Cccam debug-file.
[Definition]
failregex = CCcam: kick <HOST>, signature failed
ignoreregex =
# failregex
# The host must match the failure messages in the
# Cccam debug-file.
[Definition]
failregex = CCcam: kick <HOST>.*, bad command
ignoreregex =
http://www.exyuteam.org
3. Make file cccam-login.conf
Type:
vim /etc/fail2ban/filter.d/cccam-login.conf
& press [Enter]
# failregex
# The host must match the failure messages in the
# Cccam debug-file.
[Definition]
failregex = CCcam: double login .*, .* \(<HOST>\)
ignoreregex =
/var/log/fail2ban.log
http://www.exyuteam.org