Configuring fail2ban

Configuring fail2ban in Baserock is fairly easy if you already have some knowledge about the tool.

A simple example for configuring it to ban IPs that make to many ssh attempts; create a file /etc/fail2ban/jail.d/ssh.conf with the following contents:

[DEFAULT]
bantime = 3600
backend = systemd

[sshd]
enabled = true

Now you can enable and/or start fail2ban:

# systemctl enable fail2ban
# systemctl start fail2ban

If you want to see if it's working for your use case, you can have a look at fail2ban logs:

# tailf  /var/log/fail2ban.log

You can also have a look at /etc/fail2ban/jail.conf for more information about fail2ban and some configuration examples.

Note: For using fail2ban make sure that fail2ban and iptables are installed in the system. Currently these components are provided by connectivity.morph and fail2ba-common.morph and included by default in Trove systems (17-03-2016)