Detecting FTP connection attacks with fail2ban: Pure-FTPd

Install on CentOS 6.x
# yum install pure-ftpd --enablerepo=rpmforge

Start the Pure-FTPd FTP server
# /etc/init.d/pure-ftpd start
Starting pure-ftpd:                                        [  OK  ]

Edit /etc/rsyslog.conf so that the Pure-FTPd FTP server's log messages (syslog facility ftp) are written to a separate file
# vim /etc/rsyslog.conf
ftp.*                                                /var/log/pureftpd.log

Restart the syslog server
# /etc/init.d/rsyslog restart

Check whether the log file has been created
# ls -l /var/log/pureftpd.log
-rw-------. 1 root root 0 Jan  1 14:54 /var/log/pureftpd.log
Edit the fail2ban configuration file
# vim /etc/fail2ban/jail.conf
Add the following settings
[pure-ftpd]
enabled  = true
filter   = pure-ftpd
action   = iptables[name=pure-ftpd, port=ftp, protocol=tcp]
logpath  = /var/log/pureftpd.log
maxretry = 3
bantime  = 86400

Restart fail2ban
# service fail2ban restart

# fail2ban-client status
Status
|- Number of jail:      2
`- Jail list:           pure-ftpd, ssh-iptables

Try a few failed logins from a client

# fail2ban-client status pure-ftpd
Status for the jail: pure-ftpd
|- filter
|  |- File list:        /var/log/pureftpd.log
|  |- Currently failed: 0
|  `- Total failed:     3
`- action
   |- Currently banned: 1
   |  `- IP list:       192.168.1.1
   `- Total banned:     1

# iptables -t filter -L fail2ban-pure-ftpd -n
Chain fail2ban-pure-ftpd (1 references)
target     prot opt source               destination
DROP       all  --  192.168.1.1          0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
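Before relying on the jail, it is worth checking by hand that the log lines rsyslog writes to /var/log/pureftpd.log actually contain the failure pattern fail2ban counts. The script below is an added example, not part of the original post or of fail2ban: it replays a few constructed Pure-FTPd log lines (the "Authentication failed for user" message format is assumed, it is not taken from the page) through a small awk filter and reports the source addresses that reached the jail's maxretry of 3. It counts all failures in the input and ignores fail2ban's findtime window.

```shell
#!/bin/sh
# Constructed sample log lines in Pure-FTPd's syslog format (assumed format,
# not output from the page). Three failures from 192.168.1.1, one from .50.
SAMPLE_LOG='Jan  1 15:01:02 ftp1 pure-ftpd: (?@192.168.1.1) [WARNING] Authentication failed for user [admin]
Jan  1 15:01:05 ftp1 pure-ftpd: (?@192.168.1.1) [WARNING] Authentication failed for user [root]
Jan  1 15:01:09 ftp1 pure-ftpd: (?@192.168.1.50) [INFO] New connection from 192.168.1.50
Jan  1 15:01:10 ftp1 pure-ftpd: (?@192.168.1.50) [WARNING] Authentication failed for user [test]
Jan  1 15:01:12 ftp1 pure-ftpd: (?@192.168.1.1) [WARNING] Authentication failed for user [admin]
Jan  1 15:01:20 ftp1 pure-ftpd: (alice@192.168.1.50) [INFO] alice is now logged in'

# Count "Authentication failed" lines per source address and print the
# addresses that reached the threshold, one per line, sorted.
# $1 = maxretry threshold (3 in the jail.conf above); stdin = log lines.
hosts_over_threshold() {
    awk -v max="$1" '
        /\[WARNING\] Authentication failed for user \[/ {
            # the client address sits between "@" and ")" in "(user@host)"
            if (match($0, /@[^)]*\)/)) {
                host = substr($0, RSTART + 1, RLENGTH - 2)
                fails[host]++
            }
        }
        END { for (h in fails) if (fails[h] >= max) print h }
    ' | sort
}

# Run the sample log through the filter with the jail threshold of 3.
check_sample() {
    printf '%s\n' "$SAMPLE_LOG" | hosts_over_threshold 3
}

check_sample   # prints 192.168.1.1
```

On a live host, replace the sample with `cat /var/log/pureftpd.log | hosts_over_threshold 3`; if an address that fail2ban later bans does not appear here, the log format and the filter's failregex disagree.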