From 39711cf6c2ec5a3b4480dcb4800cc3802bda5bf2 Mon Sep 17 00:00:00 2001 From: Lukasz Kasprzak Date: Fri, 20 Mar 2026 19:16:32 +0100 Subject: feat: first fully successful run e2e on straper --- .../etc-fail2ban/jail.d/sshd-session-preauth.local | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local (limited to 'straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local') diff --git a/straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local b/straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local new file mode 100644 index 0000000..a2b9f78 --- /dev/null +++ b/straper/db/public/fail2ban/etc-fail2ban/jail.d/sshd-session-preauth.local @@ -0,0 +1,18 @@ +[sshd-session-preauth] +enabled = true +backend = systemd +filter = sshd-session-preauth +# journal match: use the unit and/or the SYSLOG_IDENTIFIER seen in logs +journalmatch = _SYSTEMD_UNIT=ssh.service + SYSLOG_IDENTIFIER=sshd-session + +# Your SSH is on 57385; Fail2ban does not need it for matching, but does for actions: +port = 57385 +mode = aggressive + +# Thresholds (safe defaults; adjust later) +findtime = 10m +maxretry = 5 +bantime = 24h + +# nftables action (single-IP bans) +banaction = nftables -- cgit v1.3