问题

在最新安装的 debian12 上遇到以下问题:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
 fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Fri 2023-09-15 12:34:46 CEST; 1min 47s ago
   Duration: 71ms
       Docs: man:fail2ban(1)
    Process: 1027 ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
   Main PID: 1027 (code=exited, status=255/EXCEPTION)
        CPU: 68ms

Sep 15 12:34:46 jelly systemd[1]: Started fail2ban.service - Fail2Ban Service.
Sep 15 12:34:46 jelly fail2ban-server[1027]: 2023-09-15 12:34:46,418 fail2ban.configreader   [1027]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
Sep 15 12:34:46 jelly fail2ban-server[1027]: 2023-09-15 12:34:46,427 fail2ban                [1027]: ERROR   Failed during configuration: Have not found any log file for sshd jail
Sep 15 12:34:46 jelly fail2ban-server[1027]: 2023-09-15 12:34:46,428 fail2ban                [1027]: ERROR   Async configuration of server failed
Sep 15 12:34:46 jelly systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
Sep 15 12:34:46 jelly systemd[1]: fail2ban.service: Failed with result 'exit-code'.

解决办法

  1. 安装 python3-systemd
1
apt install python3-systemd

  1. 创建一个/etc/fail2ban/jail.local 文件

  2. 添加以下内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
[DEFAULT]
# Debian 12 has no log files, just journalctl
backend = systemd

# "bantime" is the number of seconds that a host is banned.
bantime  = 1d
# "maxretry" is the number of failures before a host get banned.
maxretry = 5
# A host is banned if it has generated "maxretry" during the last "findtime"
findtime  = 1h

[sshd]
enabled = true
  1. 重启 fail2ban
1
2
systemctl restart fail2ban
systemctl status fail2ban