add jail.local
This commit is contained in:
parent
77dfd76ce2
commit
8c5b430922
1 changed files with 14 additions and 0 deletions
|
|
@ -13,6 +13,20 @@
|
||||||
ansible.builtin.dnf:
|
ansible.builtin.dnf:
|
||||||
name: fail2ban
|
name: fail2ban
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: enable sshd jail
|
||||||
|
copy:
|
||||||
|
dest: /etc/fail2ban/jail.local
|
||||||
|
content: |
|
||||||
|
[sshd]
|
||||||
|
enabled = true
|
||||||
|
port = ssh
|
||||||
|
filter = sshd
|
||||||
|
logpath = /var/log/auth.log
|
||||||
|
maxretry = 3
|
||||||
|
findtime = 300
|
||||||
|
bantime = 600
|
||||||
|
ignoreip = 127.0.0.1,169.231.0.0/16,128.111.0.0/16
|
||||||
|
|
||||||
- name: start fail2ban
|
- name: start fail2ban
|
||||||
ansible.builtin.systemd_service:
|
ansible.builtin.systemd_service:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue