fail2ban

1，安装fail2ban，首先安装一下epel-release
[root@localhost~]# yum -y install epel-release
[root@localhost~]# yum -y install fail2ban
2,启动fail2ban
[root@localhost~]# systemctl start fail2ban

3，修改防爆力破解的配置文件
[root@localhost~]# vim /etc/fail2ban/jail.d/jail.local
[DEFAULT]
ignoreip=127.0.0.1/24
bantime=3600 ##非法ip被屏蔽时间(秒)
findtime=600
maxretry=2 ##最大尝试次数

[ssh-iptables]
enabled=true ##是否开启防护
filter=sshd ##过滤规则filter名称, 对应的目录为sshd.conf
action=iptables[name=SSH,port=ssh,portocol=tcp] ##动作参数
logpath=/var/log/secure

添加这些参数，保存退出

4，生效fail2ban
[root@localhost~]# fail2ban-client reload
[root@localhost~]# systemctl start fail2ban
[root@localhost~]# systemctl enable fail2ban
查看当前被禁止登陆的ip：fail2ban-client status ssh-iptables
添加禁止ip： fail2ban-client set ssh-iptables banip 192.168.1.77
删除禁止ip： fail2ban-client set ssh-iptables unbanip 192.168.0.142