antisaWiki

User Tools

Site Tools

Trace:
wiki:fail2ban_examples

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
wiki:fail2ban_examples [2022/12/29 10:11] – add Not banning after action change antisawiki:fail2ban_examples [2024/03/06 14:02] (current) – add example of dry run antisa
Line 51: Line 51:
 </WRAP> </WRAP>
  
 +===== Testing =====
 +
 +==== regex ====
  
 Use ''fail2ban-regex'' to check if its matching the regex. Here is an example of match Use ''fail2ban-regex'' to check if its matching the regex. Here is an example of match
Line 90: Line 93:
 10.21.21.1 - - [27/Dec/2022:11:57:15 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0" 10.21.21.1 - - [27/Dec/2022:11:57:15 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0"
 </code> </code>
 +
 +==== dry run ====
 +Use action ''dummy.conf'' from //action.d/// directory to see what would be banned. E.g. 
 +
 +  [bottest]
 +  enabled  = true
 +  maxretry = 4
 +  findtime = 60s
 +  bantime  = 60s
 +  action   = dummy
 +  #action   = iptables[name=bloKKKED, port=http]
 +  logpath  = %(nginx_access_log)s
 +  
 +Then ''cat /var/run/fail2ban/fail2ban.dummy'' to see what IPs would be banned.
  
 ====== Troubleshooting ====== ====== Troubleshooting ======
wiki/fail2ban_examples.1672305100.txt.gz · Last modified: 2022/12/29 10:11 by antisa
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki