标签:
有时候很懒,又看不得别人一直在尝试SSH端口。
尝试用了下fail2ban这个软件,简单粗暴正是我们想要的效果。
yum install fail2ban -y //epel
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
vim /etc/fail2ban/jail.local
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space separator. //多个IP使用空格分开,这个就是白名单了。
ignoreip = 127.0.0.1/8 1.2.3.4
service fail2ban start
嗯,就这样。
标签:
原文地址:http://my.oschina.net/longquan/blog/478511
