You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31 lines
802 B
31 lines
802 B
#!/bin/bash
|
|
|
|
## check root
|
|
if [ "$EUID" -ne 0 ]
|
|
then echo "Lancer le script avec sudo svp"
|
|
exit
|
|
fi
|
|
|
|
# update et install fail2ban
|
|
apt update -y && apt install fail2ban -y
|
|
|
|
# copie des confs
|
|
cp nginx-conf/* /etc/fail2ban/filter.d/
|
|
cp jail.local /etc/fail2ban/
|
|
rm -rf /etc/fail2ban/jail.d/*
|
|
|
|
# recup de l'ip pour la conf
|
|
IP=$(ip route get 1.2.3.4 | awk '{print $7}')
|
|
sed -i "s/IP/$IP/" /etc/fail2ban/jail.local
|
|
|
|
# recup du port ssh
|
|
SSH=$(grep Port /etc/ssh/sshd_config); SSH=${SSH##*(Port)}; SSH=${SSH%%*(#GatewayPorts no)}
|
|
sed -i "s/SSH_PORT/$SSH/" /etc/fail2ban/jail.local
|
|
|
|
# changement dbpurge
|
|
sed -i "s/1d/365d/" /etc/fail2ban/fail2ban.conf
|
|
|
|
systemctl restart fail2ban
|
|
fail2ban-client status
|
|
|
|
echo "la configuration pour les autres prisons que le SSH sont de 72h (bannissement à vie pour le SSH)" |