From 471e391a2adf60e70f0080642f60f540d05bd1b2 Mon Sep 17 00:00:00 2001
From: Luis Guzman
Date: Wed, 28 Oct 2020 15:07:07 -0600
Subject: [PATCH] Add fail2ban tool
---
tools/fail2ban_ssh.sh | 45 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 tools/fail2ban_ssh.sh
diff --git a/tools/fail2ban_ssh.sh b/tools/fail2ban_ssh.sh
new file mode 100644
index 0000000..d61fb71
--- /dev/null
+++ b/tools/fail2ban_ssh.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+# Simple Fail2ban configuration
+# 2020 - SwITNet Ltd
+# GNU GPLv3 or later.
+
+while getopts m: option
+do
+ case "${option}"
+ in
+ m) MODE=${OPTARG};;
+ \?) echo "Usage: sudo ./fail2ban_ssh.sh [-m debug]" && exit;;
+ esac
+done
+
+#DEBUG
+if [ "$MODE" = "debug" ]; then
+set -x
+fi
+
+#Check if user is root
+if ! [ $(id -u) = 0 ]; then
+ echo "You need to be root or have sudo privileges!"
+ exit 0
+fi
+
+apt-get -y install fail2ban
+
+if \
+[ -f /var/log/ssh_f2b.log ] && \
+[ $(grep -c 604800 /etc/fail2ban/jail.local) = "1" ] && \
+[ $(grep -c ssh_f2b.log /etc/fail2ban/jail.local) = "1"]; then
+ echo -e "\nFail2ban seems to be already configured.\n"
+else
+ echo -e "\nConfiguring Fail2ban...\n"
+cat << F2BAN >> /etc/fail2ban/jail.local
+[sshd]
+enabled = true
+port = 22
+filter = sshd
+logpath = /var/log/ssh_f2b.log
+maxretry = 3
+bantime = 604800
+F2BAN
+fi
+systemctl restart fail2ban
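Review bot: The third test of the already-configured guard, `[ $(grep -c ssh_f2b.log /etc/fail2ban/jail.local) = "1"]`, has no space before the closing `]`, so `[` fails with a missing-bracket error and the `else` branch runs on every invocation, appending another `[sshd]` section to `/etc/fail2ban/jail.local`. Write it as `[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then`, and quote the other `$(grep -c …)` test the same way so a missing jail.local yields a clean false instead of a test syntax error. Nothing in this script creates or feeds `/var/log/ssh_f2b.log`, so unless another tool directs sshd's authentication log there, the jail will likely either fail to start or never see a failed login. The exit status of `systemctl restart fail2ban` is not checked, so that failure would pass unnoticed. The root check should also end with `exit 1` rather than `exit 0`, so a caller does not treat a host where nothing was configured as protected.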