quick-jibri-installer/tools/fail2ban_ssh.sh

46 lines
906 B
Bash
Raw Permalink Normal View History

2020-10-28 21:07:07 +00:00
#!/bin/bash
# Simple Fail2ban configuration
2023-11-08 06:34:51 +00:00
# SwITNet Ltd © - 2023, https://switnet.net/
2020-10-28 21:07:07 +00:00
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
2020-10-28 21:07:07 +00:00
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
2020-10-28 21:07:07 +00:00
echo "You need to be root or have sudo privileges!"
exit 0
fi
apt-get -y install fail2ban
if \
[ -f /var/log/ssh_f2b.log ] && \
[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \
[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then
2020-10-28 21:07:07 +00:00
echo -e "\nFail2ban seems to be already configured.\n"
else
echo -e "\nConfiguring Fail2ban...\n"
cat << F2BAN >> /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/ssh_f2b.log
maxretry = 3
bantime = 604800
F2BAN
fi
systemctl restart fail2ban