Using fail2ban to block FRPC authentication attacks

1. Create the filter frps.conf

cat /etc/fail2ban/filter.d/frps.conf
[Definition]
failregex = ^.*client login info: ip \[<HOST>:[0-9]*\]
ignoreregex =

2. Configure fail2ban to load the filter

cat /etc/fail2ban/jail.conf

[frp]
enabled = true
findtime = 600
maxretry = 10
bantime = 7200
filter = frps
logpath = /root/frp/frps/frps.log
protocol = all
chain = all
port = all
action = iptables-allports[name=frp,protocol=all]

3. Configure FRPS log output (place these lines on the line before the token)

log_file = /root/frp/frps/frps.log
log_level = info
log_max_days = 3

4. Restart the fail2ban service

systemctl restart fail2ban

5. Check that the service status is normal

systemctl status fail2ban

6. View the fail2ban log output

cat /var/log/fail2ban.log

7. Check iptables

iptables -L or iptables -L f2b-frp -n

8. Unban IPs

fail2ban-client set frp flush (unbans all IPs)
fail2ban-client set frp unbanip 192.168.1.101

9. View the banned IPs

fail2ban-client status frp

fail2ban-client get frp banip all
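
The following Python script is an added example (not part of the original post and not fail2ban's own code) that applies the step 1 pattern and the step 2 findtime/maxretry values to constructed frps.log lines, showing which addresses would reach the ban threshold. The log line layout, the timestamp format and the IPv4 stand-in for <HOST> are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Jail values from step 2; <HOST> is approximated by an IPv4 pattern (assumption).
FINDTIME, MAXRETRY = 600, 10
FAILREGEX = re.compile(r"^.*client login info: ip \[(?P<host>\d{1,3}(?:\.\d{1,3}){3}):[0-9]*\]")
STAMP = "%Y/%m/%d %H:%M:%S"  # timestamp layout assumed for frps.log


def parse(line):
    """Return (unix_time, ip) when the line matches the filter, else None."""
    m = FAILREGEX.search(line)
    if not m:
        return None
    when = datetime.strptime(line[:19], STAMP)
    return when.timestamp(), m.group("host")


def banned_hosts(lines, findtime=FINDTIME, maxretry=MAXRETRY):
    """Hosts that reach maxretry matching lines inside one findtime window."""
    recent = defaultdict(deque)
    banned = []
    for line in lines:
        hit = parse(line)
        if hit is None:
            continue
        ts, ip = hit
        window = recent[ip]
        window.append(ts)
        while window and ts - window[0] > findtime:
            window.popleft()  # drop matches older than findtime seconds
        if len(window) >= maxretry and ip not in banned:
            banned.append(ip)
    return banned


def sample_log():
    """Constructed frps.log lines: one noisy address, one occasional client."""
    tmpl = ("2024/01/01 10:%02d:%02d [I] [service.go:1] [run] client login info: "
            "ip [%s:%d] version [0.0.0] hostname [] os [linux] arch [amd64]")
    lines = [tmpl % (0, s, "203.0.113.7", 40000 + s) for s in range(0, 50, 5)]  # 10 in 45 s
    lines += [tmpl % (m, 0, "198.51.100.20", 50000 + m) for m in range(0, 60, 12)]  # 5 in 48 min
    lines.append("2024/01/01 10:59:00 [I] [root.go:1] frps started successfully")
    return lines


if __name__ == "__main__":
    print(banned_hosts(sample_log()))
```

To check the installed filter against the real log, run fail2ban-regex /root/frp/frps/frps.log /etc/fail2ban/filter.d/frps.conf and confirm the matched-line count is non-zero.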
