search

Entware-for-kernel-3x / Entware-ng-3x

Ultimate repo for embedded devices
GNU General Public License v2.0
43 stars 6 forks source link

HOWTO: Fail2Ban #29

Closed p3x-robot closed 6 years ago

p3x-robot commented 7 years ago

Fail2Ban is not easy, but can be done cooly!

Right now, I use git but you can download the latest as well.

opkg install git git-http bash ca-bundle ca-certificates python  

cd /opt 
git clone https://github.com/fail2ban/fail2ban.git 
cd fail2ban 
mkdir -p /opt/log
mkdir -p /opt/run/fail2ban
mkdir -p /opt/lib/fail2ban/
cp /opt/fail2ban/config/jail.conf /opt/fail2ban/config/jail.local
cp /opt/fail2ban/config/fail2ban.conf /opt/fail2ban/config/fail2ban.local

Required modification for fail2ban.local

logtarget = /opt/log/fail2ban.log
socket = /opt/run/fail2ban/fail2ban.sock
pidfile = /opt/run/fail2ban/fail2ban.pid
dbfile = /opt/lib/fail2ban/fail2ban.sqlite3

Setup

There will be an info that /etc/fail2ban is not writable, but it is not a problems

cd /opt/fail2ban 
setup.py install

Init script /opt/etc/init.d/fail2ban

#!/usr/bin/env bash
/opt/bin/python /opt/fail2ban/bin/fail2ban-server -c /opt/fail2ban/config/ $1

Startup command in like DDWRT

/opt/etc/init.d/fail2ban start

Shutdown command in like DDWRT command

/opt/etc/init.d/fail2ban stop

by Patrik aka p3x-robot / p3x / corifeus

zyxmon commented 6 years ago

May be you will add this to wiki?