Dietpi: General | Install Fail2Ban for all DietPi systems, as default.

Created on 13 Oct 2015 · 7 Comments · Source: MichaIng/DietPi

http://fuzon.co.uk/phpbb/viewtopic.php?f=9&t=123&p=436#p428

NB: prevents brute-force attacks by banning IP address

Enhancement


All 7 comments

The following NEW packages will be installed:
fail2ban libpython-stdlib libpython2.7-minimal libpython2.7-stdlib
libsqlite3-0 mime-support python python-minimal python2.7 python2.7-minimal
0 upgraded, 10 newly installed, 0 to remove and 0 not upgraded.
Need to get 4,377 kB of archives.
After this operation, 16.6 MB of additional disk space will be used.

Pretty chunky due to python pre-reqs, will add as an optional installation option in DietPi-Software.

NB: Requires rsyslog (so SSH can log to /var/log/auth.log via syslog), and SSH server logging enabled.

Done, available in next release (v97).

@Fourdee
I tried to install it today and it did not work out of the box. Investigating, I got to know rsyslog was required, and it is still not on the install script. Should I add it?

@joaofl
rsyslog is not required as long as journald is used to check for SSH authentication failures. And our installer pre-configures fail2ban to do so.

However, does the installer break at some point? Will try it on a test system.


Indeed, some changes have been made to the Stretch fail2ban, starting with the logging system from numerical:

# Option: loglevel
# Notes.: Set the log level output.
#         1 = ERROR
#         2 = WARN
#         3 = INFO
#         4 = DEBUG
# Values: [ NUM ]  Default: 1
#
loglevel = 3

to words with more levels:

# Option: loglevel
# Notes.: Set the log level output.
#         CRITICAL
#         ERROR
#         WARNING
#         NOTICE
#         INFO
#         DEBUG
# Values: [ LEVEL ]  Default: ERROR
#
loglevel = INFO

Maintainer defaults are what we want, will switch to keep the config file, leave the logging mode and only adjust the settings that we need (syslog/journald).

@joaofl
It is really only the loglevel settings that you need to change (or remove to revert to defaults):
In /etc/fail2ban/fail2ban.log:
loglevel = 3 => loglevel = INFO

I reworked our installer a bit and fixed this: https://github.com/MichaIng/DietPi/pull/2727

@MichaIng Thanks for the quick fix. I'll give it a try soon.
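
The loglevel format change discussed in this thread, as an added example that is not part of the thread or of DietPi's installer: a shell function that rewrites a numeric `loglevel` to its named level. The 1 to 4 mapping comes from the two config comment blocks quoted above; the function name `migrate_loglevel` and the sample file are made up for illustration.

```shell
#!/bin/sh
# Added example (not DietPi's installer code): convert a numeric fail2ban
# "loglevel" to the named levels that the newer config format expects.

# migrate_loglevel FILE  (hypothetical helper name)
# Rewrites active "loglevel = N" lines in place. Commented lines and lines
# that already use a name are left alone.
# Returns 0 = rewritten, 1 = nothing to change, 2 = unknown number (file kept).
migrate_loglevel() {
    conf=$1
    tmp=$(mktemp) || return 3
    awk '
        # Mapping taken from the two comment blocks quoted in the thread;
        # the old "WARN" corresponds to "WARNING" in the new list.
        BEGIN { map["1"] = "ERROR"; map["2"] = "WARNING"
                map["3"] = "INFO";  map["4"] = "DEBUG" }
        /^[ \t]*loglevel[ \t]*=[ \t]*[0-9]+[ \t]*$/ {
            n = $0
            gsub(/[^0-9]/, "", n)          # keep only the digits
            if (n in map) { print "loglevel = " map[n]; changed = 1 }
            else          { print; bad = 1 }
            next
        }
        { print }
        END { exit (bad ? 2 : (changed ? 0 : 1)) }
    ' "$conf" > "$tmp"
    rc=$?
    # Only touch the original when every numeric value was recognised.
    if [ "$rc" -eq 0 ]; then cat "$tmp" > "$conf"; fi
    rm -f "$tmp"
    return "$rc"
}

# Constructed sample input, shaped like the old-format block in the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Option: loglevel
#         3 = INFO
# Values: [ NUM ]  Default: 1
loglevel = 3
EOF

if migrate_loglevel "$sample"; then
    grep '^loglevel' "$sample"
fi
```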
