參考網站:
Set up Fail2ban for Proxmox Web GUI – JamesCoyle.net
1. 安裝 fail2ban
# apt-get install fail2ban
2. 備份 fail2ban 設定檔 /etc/fail2ban/jail.conf
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.conf.$(date +%F)[@more@]3. 在 /etc/fail2ban/jail.conf 設定檔中加入下面幾行設定
[proxmox-web-gui]
enabled = true
port = http,https,8006
filter = proxmox-web-gui
logpath = /var/log/daemon.log
maxretry = 3
bantime = 86400
# sed -i ‘$a n[proxmox-web-gui]nenabled = truenport = http,https,8006n
filter = proxmox-web-guinlogpath = /var/log/daemon.lognmaxretry = 3nbantim
e = 86400′ /etc/fail2ban/jail.conf
4. 建立 proxmox-web-gui.conf 設定檔
# vim /etc/fail2ban/filter.d/proxmox-web-gui.conf
加入下面的設定
[Definition]
failregex = pvedaemon[[0-9]+]: authentication failure; rhost=<HOST> user=.* msg=.*
5. 測試設定檔
# fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox-web-gui.conf
Running tests
=============
Use failregex file : /etc/fail2ban/filter.d/proxmox-web-gui.conf
Use log file : /var/log/daemon.log
Results
=======
Failregex: 1 total
|- #) [# of hits] regular expression
| 1) [1] pvedaemon[[0-9]+]: authentication failure; rhost=<HOST> user=.* msg=.*
`-
Ignoreregex: 0 total
Date template hits:
|- [# of hits] date format
| [4421] MONTH Day Hour:Minute:Second
`-
Lines: 4421 lines, 0 ignored, 1 matched, 4420 missed
6. 重新啟動 fail2ban
# systemctl restart fail2ban
7. 列出使用狀況
# fail2ban-client -v status
INFO Using socket file /var/run/fail2ban/fail2ban.sock
Status
|- Number of jail: 2
`- Jail list: ssh, proxmox-web-gui
# fail2ban-client -v status proxmox-web-gui
INFO Using socket file /var/run/fail2ban/fail2ban.sock
Status for the jail: proxmox-web-gui
|- filter
| |- File list: /var/log/daemon.log
| |- Currently failed: 1
| `- Total failed: 1
`- action
|- Currently banned: 0
| `- IP list:
`- Total banned: 0