How do I rename the chains created by Fail2ban, from:
root@host:~# iptables -L INPUT -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-dotcom tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22,660
fail2ban-dotde tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
fail2ban-oc tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* loopback interface */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
to:
root@host:~# iptables -L INPUT -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
f2b-dotcom tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22,660
f2b-dotde tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
f2b-oc tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* loopback interface */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
Answer 1
In /yourpath/fail2ban/action.d/ there are several iptables*.conf files. An action defines several commands that are run at different times. Here are some example lines from the current action.d/iptables*.conf:
[Definition]
actionstart = iptables -N fail2ban-<name>
              iptables -A fail2ban-<name> -j RETURN
              iptables -I <chain> -p <protocol> --dport <port> -j fail2ban-<name>
actionstop = iptables -D <chain> -p <protocol> --dport <port> -j fail2ban-<name>
             iptables -F fail2ban-<name>
             iptables -X fail2ban-<name>
actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
You would need to edit the configuration like this:
[Definition]
actionstart = iptables -N f2b-<name>
              iptables -A f2b-<name> -j RETURN
              iptables -I <chain> -p <protocol> --dport <port> -j f2b-<name>
actionstop = iptables -D <chain> -p <protocol> --dport <port> -j f2b-<name>
             iptables -F f2b-<name>
             iptables -X f2b-<name>
actioncheck = iptables -n -L <chain> | grep -q f2b-<name>
Newer versions already have this update.
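The rename only works cleanly if every command in actionstart, actionstop and actioncheck refers to the same chain prefix: if one line is missed, actioncheck may pass while actionstop leaves a stale chain behind, or the ban rules end up in a chain that is never referenced. The script below is an added example (not part of the answer or of fail2ban itself) that parses a [Definition] section the way fail2ban lays it out (key = value, indented continuation lines), collects the chain prefixes in front of every <name> tag, and reports any line that disagrees with the majority. The action snippets inside it are constructed for the demonstration, one of them with a deliberately missing hyphen so the check has something to find; `rename_prefix` performs the textual rename itself.

```python
"""Consistency check for chain names in a fail2ban action definition.

Added example, not fail2ban's own code. Assumes the INI layout used by
action.d/iptables*.conf: a [Definition] section, "key = value" lines, and
whitespace-indented continuation lines for multi-line values.
"""
import re
from collections import Counter

# Constructed sample: the original action with the fail2ban- prefix.
ORIGINAL_ACTION = """\
[Definition]
actionstart = iptables -N fail2ban-<name>
              iptables -A fail2ban-<name> -j RETURN
              iptables -I <chain> -p <protocol> --dport <port> -j fail2ban-<name>
actionstop = iptables -D <chain> -p <protocol> --dport <port> -j fail2ban-<name>
             iptables -F fail2ban-<name>
             iptables -X fail2ban-<name>
actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
"""

# Constructed sample: a hand-edited rename where one line lost its hyphen
# (f2b<name> instead of f2b-<name>), so "iptables -X" would target a chain
# that was never created and the fail2ban chain would be left behind.
EDITED_ACTION = """\
[Definition]
actionstart = iptables -N f2b-<name>
              iptables -A f2b-<name> -j RETURN
              iptables -I <chain> -p <protocol> --dport <port> -j f2b-<name>
actionstop = iptables -D <chain> -p <protocol> --dport <port> -j f2b-<name>
             iptables -F f2b-<name>
             iptables -X f2b<name>
actioncheck = iptables -n -L <chain> | grep -q f2b-<name>
"""

ACTION_KEYS = ("actionstart", "actionstop", "actioncheck")

# The chain prefix is the non-space text immediately before the <name> tag.
CHAIN_REF = re.compile(r"(\S*)<name>")


def parse_definition(text):
    """Return {key: [command, ...]} for the [Definition] section.

    Indented lines continue the previous key, matching how fail2ban reads
    multi-line action values.
    """
    actions, in_definition, current = {}, False, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith(("#", ";")):
            continue
        if line.startswith("["):
            in_definition = line.strip() == "[Definition]"
            current = None
            continue
        if not in_definition:
            continue
        if line[0].isspace():
            if current is not None:
                actions[current].append(line.strip())
            continue
        key, _, value = line.partition("=")
        current = key.strip()
        actions[current] = [value.strip()] if value.strip() else []
    return actions


def chain_prefixes(actions, keys=ACTION_KEYS):
    """Map each action key to the set of chain prefixes its commands use."""
    return {key: {p for cmd in actions.get(key, []) for p in CHAIN_REF.findall(cmd)}
            for key in keys}


def inconsistent_lines(actions, keys=ACTION_KEYS):
    """Return (key, command) pairs whose prefix differs from the majority prefix.

    An empty list means start, stop and check agree, so fail2ban will be able
    to remove exactly the chains it created.
    """
    counts, refs = Counter(), []
    for key in keys:
        for cmd in actions.get(key, []):
            for prefix in CHAIN_REF.findall(cmd):
                counts[prefix] += 1
                refs.append((key, cmd, prefix))
    if not counts:
        return []
    expected = counts.most_common(1)[0][0]
    return [(key, cmd) for key, cmd, prefix in refs if prefix != expected]


def rename_prefix(text, old, new):
    """Rewrite every old<name> reference to new<name>.

    Do this while fail2ban is stopped: actionstop must still see the old
    prefix to delete the chains that were created under it.
    """
    return text.replace(old + "<name>", new + "<name>")


if __name__ == "__main__":
    for label, text in (("edited by hand", EDITED_ACTION),
                        ("renamed by script", rename_prefix(ORIGINAL_ACTION, "fail2ban-", "f2b-"))):
        bad = inconsistent_lines(parse_definition(text))
        print(f"{label}: {'OK' if not bad else 'inconsistent: ' + repr(bad)}")
```

Run against a real file with `parse_definition(open(path).read())`; the check is purely textual and never touches iptables, so it is safe to run before restarting the service.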