Commit 0f24b9

2025-12-21 19:07:23 theophile: added troubleshooting, general page cleanup with blocks
server/fail2ban.md ..
@@ 19,19 19,21 @@
sudo apt install fail2ban
```
+ ## Configuration
+
Les fichiers de configuration se trouve à :
``` shell
/etc/fail2ban
```
- <WRAP left round important 100%>
- Don't copy the conf to local We want to make precise modifications to
+ :::info
+ Don't **copy the conf to local**, we want to make precise modifications to
the default, so let's not loose ourselves in thousands of parameters.
Let's target the ones we need to change.
+ :::
- </WRAP>
Tout d'abord on créer un fichier `jail.local` pour override les
paramètres par défault:
@@ 149,7 151,7 @@
```
- Add the `/etc/fail2ban/jail.d/bad-auth-bots.conf`
-
+ ```toml
[bad-auth-bots]
enabled = true
backend = systemd
@@ 158,21 160,20 @@
findtime = 600
maxretry = 5
action = docker-action-net
-
+ ```
The above will block flagged IPs for a week, you can of course change it
to your needs.
- - Add the following to /etc/fail2ban/action.d/docker-action-net.conf
-
- <WRAP left round important 100%>
+ - Add the following to `/etc/fail2ban/action.d/docker-action-net.conf`
+ :::info
You have to install ipset on the host system, eg.
`apt-get install ipset` on a Debian/Ubuntu system.
+ :::
- </WRAP>
See ipset homepage for details on ipset, <https://ipset.netfilter.org/>.
-
+ ```toml
[Definition]
actionstart = ipset --create f2b-bad-auth-bots nethash
@@ 184,6 185,7 @@
actionban = ipset add -exist f2b-bad-auth-bots <ip>/24
actionunban = ipset del -exist f2b-bad-auth-bots <ip>/24
+ ```
Using DOCKER-USER chain ensures that the blocked IPs are processed in
the correct order with Docker. See more in:
@@ 212,6 214,20 @@
sudo systemctl restart fail2ban
```
+
+ ## Troubleshooting
+
+ Pour vérifier si une adresse a été ban, on a plusieurs possibilité:
+
+ ```bash
+ less /var/log/fail2ban.log | grep YOUR_IP
+ ```
+ ### Unban
+
+ ```bash
+ sudo fail2ban-client set THE_JAIL_NAME unbanip YOUR_IP
+ ```
+
## Sources
- https://wiki.archlinux.org/title/Fail2ban
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9