.png)
我已经在我的 CentOS 7 服务器上安装了fail2ban。我已经启用了 sshd 监狱,它似乎运行正常。
jam.local 正在运行“banaction =firewallcmd-ipset”
出于测试目的,我反复尝试使用不正确的用户名连接到我的服务器。 fail2ban 正确识别并禁止了有问题的 IP,然后添加了正确的防火墙规则。
不过我仍然可以通过被禁止的 IP 进行 ssh 登录。
有什么想法吗?
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 52
| `- Journal matches: _SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: 181.109.18.132
Name: fail2ban-sshd
Type: hash:ip
Revision: 1
Header: family inet hashsize 1024 maxelem 65536 timeout 3600
Size in memory: 16592
References: 1
Members:
181.109.18.132 timeout 2782
Redirecting to /bin/systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2016-08-04 17:21:01 ART; 24min ago
Process: 9281 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS)
Main PID: 8723 (firewalld)
CGroup: /system.slice/firewalld.service
└─8723 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid