Fail2ban

停止 fail2ban 停止/啟動通知

  • March 2, 2021

如果伺服器重新啟動,或者即使 fail2ban 停止/啟動,它也會發送通知。

[asterisk-iptables]
enabled  = true
filter   = asterisk
action   = iptables-allports[name=ASTERISK, protocol=all]
          sendmail-whois[name=ASTERISK, dest=blah@foo.com, sender=blah@foo.com] 
logpath  = /var/log/asterisk/messages
maxretry = 5
bantime = 259200

刪除 sendmail-whois 會停止它,但它也會停止禁令通知,我怎樣才能讓它在程序開始/停止時停止通知我?

謝謝

查看action.d/mail.confaction.d/sendmail.conf哪個控制郵件的啟動/停止/禁止。

要在 CentOS 7 (RHEL 7) 上的 Fail2Ban v0.9.1(來自 epel 儲存庫)上解決此問題,您可以覆蓋 /etc/fail2ban/action.d/sendmail-common 中的 sendmail 啟動和停止操作(將它們設置為空)。當地的。我通過以 root 身份執行這些命令來創建此文件:

cat << EOF >> /etc/fail2ban/action.d/sendmail-common.local
# Override the Fail2Ban defaults in sendmail-common.conf with these entries

[Definition]
# Disable email notifications of jails stopping or starting
actionstart =
actionstop =
EOF
cat /etc/fail2ban/action.d/sendmail-common.local

引用自:https://serverfault.com/questions/257439