CentOS 7.0にしてから、Fail2Banの設定ができていませんでした。
Fail2Ban Ver0.9から設定方法が変更されているようです。
※firewalldは早々にあきらめて、Iptablesに変更してあります。
vi /etc/fail2ban/jail.d/sshd.local
1 2 3 4 5 6 7 | [</span><span class="crayon-v">ssh</span><span class="crayon-o">-</span><span class="crayon-v">iptables</span><span class="crayon-sy">]</span></div><div id="crayon-54b35cbad787b928107401-2" class="crayon-line crayon-striped-line"><span class="crayon-v">enabled</span><span class="crayon-h"> </span><span class="crayon-o">=</span> <span class="crayon-t">true</span></div><div id="crayon-54b35cbad787b928107401-3" class="crayon-line"><span class="crayon-v">filter</span><span class="crayon-h"> </span><span class="crayon-o">=</span> <span class="crayon-e">sshd</span></div><div id="crayon-54b35cbad787b928107401-4" class="crayon-line crayon-striped-line"><span class="crayon-v">action</span><span class="crayon-h"> </span><span class="crayon-o">=</span> <span class="crayon-v">iptables</span><span class="crayon-sy">[</span><span class="crayon-v">name</span><span class="crayon-o">=</span><span class="crayon-v">SSH</span><span class="crayon-sy">,</span> <span class="crayon-v">port</span><span class="crayon-o">=</span><span class="crayon-v">ssh</span><span class="crayon-sy">,</span> <span class="crayon-v">protocol</span><span class="crayon-o">=</span><span class="crayon-v">tcp</span><span class="crayon-sy">]</span></div><div id="crayon-54b35cbad787b928107401-5" class="crayon-line"><span class="crayon-v">logpath</span><span class="crayon-h"> </span><span class="crayon-o">=</span> <span class="crayon-o">/</span><span class="crayon-t">var</span><span class="crayon-o">/</span><span class="crayon-v">log</span><span class="crayon-o">/</span><span class="crayon-e">secure</span></div><div id="crayon-54b35cbad787b928107401-6" class="crayon-line crayon-striped-line"><span class="crayon-v">maxretry</span> <span class="crayon-o">=</span> <span class="crayon-cn">5</span></div><div id="crayon-54b35cbad787b928107401-7" class="crayon-line"><span class="crayon-v">bantime</span> <span class="crayon-o">=</span> <span class="crayon-cn">86400 |
下記のページを参考にしました。
http://blog.iopsl.com/fail2ban-on-centos-7-to-protect-ssh/
