Untuk Membuat fail2ban mengirim email otomatis ke pengelola ip yang menjadi sumber masalah, dapat kita setting sebagai berikut :
edit file /etc/fail2ban/jail.conf
#nano /etc/fail2ban/jail.conf
[ssh-iptables]
enabled = true
filter = sshd
action = iptables-allports[name=SSH, protocol=all]
complain[logpath=/var/log/secure]
logpath = /var/log/secure
maxretry = 3
edit file /etc/fail2ban/action.d/complain.conf
#nano /etc/fail2ban/action.d/complain.conf
[Init]
message =
\n\nWhois information about $IP:\n`/usr/bin/whois $IP`\n
logpath = /dev/null
mailcmd = mail -s
mailargs = -c support@namadomainkamu.com -- -f abuse@namadomainkamu.com
Lalu restart servi fail2ban
#service fail2ban restart
Tidak ada komentar:
Posting Komentar