fail2ban for Mikrotik
Taken from: http://wiki.mikrotik.com/wiki/Bruteforce_login_prevention_(FTP_%26_SSH)
/ip firewall filter
add chain=input protocol=tcp dst-port=8291,22 src-address-list=ssh_blacklist \
    action=drop comment="drop ssh brute forcers"
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage4 \
    action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1h
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage3 \
    action=add-src-to-address-list address-list=ssh_stage4 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage2 \
    action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new src-address-list=ssh_stage1 \
    action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m
add chain=input protocol=tcp dst-port=8291,22 connection-state=new \
    action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m
Dynamically bans an IP for 1 hour after 4 failed login attempts within a minute over Winbox or SSH.
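The staged address lists act as a counter of new connections (the rules match connection-state=new) with a one-minute window per step. The Python model below is an added example, not part of the original page or of RouterOS: it replays the six rules on constructed connection times, and with the hypothetical `page_order=False` shows why the rules are listed from ssh_stage4 down to ssh_stage1. It assumes that re-adding an address already in a list restarts that entry's timeout.

```python
# Added model, not RouterOS code: replays the six filter rules above for the
# first packet (connection-state=new) of each TCP connection to ports 8291/22.
LISTS = ["ssh_stage1", "ssh_stage2", "ssh_stage3", "ssh_stage4", "ssh_blacklist"]
TIMEOUT = {name: 60 for name in LISTS[:4]}  # address-list-timeout=1m
TIMEOUT["ssh_blacklist"] = 3600             # address-list-timeout=1h

# (required source list, action) in the order the page lists the rules.
RULES = [("ssh_blacklist", "drop")]
RULES += [(LISTS[i], LISTS[i + 1]) for i in range(3, -1, -1)]
RULES.append((None, "ssh_stage1"))          # last rule has no src-address-list


class Firewall:
    def __init__(self, page_order=True):
        # page_order=False evaluates the same rules bottom to top (hypothetical).
        self.rules = RULES if page_order else RULES[::-1]
        self.lists = {name: {} for name in LISTS}  # list name -> {ip: expiry}

    def in_list(self, name, ip, now):
        return self.lists[name].get(ip, 0) > now

    def new_connection(self, ip, now):
        """Verdict for a new-connection packet from ip at time now (seconds)."""
        for src, action in self.rules:
            if src is not None and not self.in_list(src, ip, now):
                continue
            if action == "drop":
                return "drop"
            # add-src-to-address-list does not stop rule evaluation.
            # Assumption: re-adding an existing entry restarts its timeout.
            self.lists[action][ip] = now + TIMEOUT[action]
        return "pass"


def simulate(times, page_order=True, ip="203.0.113.7"):  # constructed test IP
    """Return (verdict, blacklisted afterwards) for each connection time."""
    fw = Firewall(page_order)
    out = []
    for t in times:
        verdict = fw.new_connection(ip, t)
        out.append((verdict, fw.in_list("ssh_blacklist", ip, t)))
    return out


if __name__ == "__main__":
    print(simulate([0, 10, 20, 30, 40, 50]))   # burst of six connections
    print(simulate([0, 70, 140, 210, 280]))    # one connection every 70 s
    print(simulate([0], page_order=False))     # same rules, reversed order
```

In the burst, the fifth new connection puts the source on ssh_blacklist; since the drop rule has no connection-state match, every later packet from that address to ports 8291 and 22 is dropped for the next hour. The counter does not distinguish failed logins from successful ones, so an administrator who opens five sessions within the windows is blocked the same way.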
mikrotik/f2b.txt · Last modified: 2024/05/02 13:20 — 127.0.0.1