如果登录超过5次都失败的话,在bantime设置的时间内,用户是无法登录的。默认bantime的设置是300秒,也就是5分钟,我设置的是3600秒,也就是1小时。
如果你想让某些IP不受fail2ban的控制,可以修改ignoreip 这个参数。
:wq 保存后。启动服务
service fail2ban start
复制代码
设置服务开机启动
chkconfig fail2ban on
复制代码
在开启服务后你的邮箱就可以收到一封fail2ban服务启动的邮件,相应的停止服务也会收到邮件
开启服务邮件 正文
Hi,
The jail SSH has been started successfully.
Regards,
Fail2Ban
复制代码
停止服务邮件正文
Hi,
The jail SSH has been stopped.
Regards,
Fail2Ban
复制代码
拒绝登录邮件正文
Hi,
The IP 222.186.56.101 has just been banned by Fail2Ban after
5 attempts against SSH.
Here is more information about 222.186.56.101:
missing whois program
Regards,
Fail2Ban
复制代码