Page 2 of 2 FirstFirst 12
Results 16 to 19 of 19

Thread: how to install fail2ban on a WL700g

  1. #16
    Join Date
    Aug 2007
    Location
    Austria
    Posts
    52

    Thumbs up

    @medsource
    thanks again for your excellent documentation,

    yesterday i had some time to play with and i got fail2ban installed and working too.
    first i tried it with your setup, which works nicely with vsftp, but i couldn't get it running with dropbear, because i couldn't find any possibility to configure dropbear where to write it's logfile.

    then i came back to my original approach using syslog-ng

    after fine-tweaking a lot the syslog-ng filters and logs finally it works.
    looking at the fail2ban-log-file this morning showed me that 3 attempts to hack my wl700 have been banned - i'm happy

    brgds
    tiwag

  2. #17
    HI, now I'm testing fail2ban and for vsftpd is working but for dropbear not.
    I starting dropbear with:
    dropbear -E 2> /opt/val/log/dropbear.log and dropbear log is now runing but fai2ban isn't runing witch this log.

    my settings fail2ban for ssh is:
    jail.conf

    [ssh-iptables]

    enabled = true
    filter = sshd
    action = iptables[name=dropbear, port=ssh, protocol=tcp]
    sendmail-whois[name=SSH, dest=mail@blah.com, sender=fail2ban@blah.com]
    logpath = /opt/var/log/dropbear.log
    maxretry = 3

    and i think that failregex in filter.d/sshd.conf is wrong for my log.

    How can have to change this failregex??
    thanks a lot

  3. #18
    Quote Originally Posted by greengreen View Post
    HI, now I'm testing fail2ban and for vsftpd is working but for dropbear not.
    I starting dropbear with:
    dropbear -E 2> /opt/val/log/dropbear.log and dropbear log is now runing but fai2ban isn't runing witch this log.

    my settings fail2ban for ssh is:
    jail.conf

    [ssh-iptables]

    enabled = true
    filter = sshd
    action = iptables[name=dropbear, port=ssh, protocol=tcp]
    sendmail-whois[name=SSH, dest=mail@blah.com, sender=fail2ban@blah.com]
    logpath = /opt/var/log/dropbear.log
    maxretry = 3

    and i think that failregex in filter.d/sshd.conf is wrong for my log.

    How can have to change this failregex??
    thanks a lot
    Is that really your dropbear start command??? If so you have a typo. You have put in the path opt/val/log in the dropbear start command and have fail2ban looking in opt/var/log. Dunno off hand beyond that (hopefully it's that simple).

  4. #19
    Join Date
    Jan 2009
    Location
    Ukraine, Kiev
    Posts
    25
    I've got fail2ban running on RT-R16.
    Here is ipkg-file.
    Attached Files Attached Files

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Инструкция по настройке роутера WL-500gP с нуля
    By OlegI in forum Russian Discussion - РУССКИЙ (RU)
    Replies: 1259
    Last Post: 10-02-2011, 22:25
  2. Русские имена торрентов
    By Mirage-net in forum Russian Discussion - РУССКИЙ (RU)
    Replies: 110
    Last Post: 18-06-2010, 15:16
  3. Install softs even you can't install ipkg
    By once in forum SL-1000 Q&A
    Replies: 0
    Last Post: 21-06-2007, 07:50
  4. Ctcs install
    By fisha in forum WL-HDD Q&A
    Replies: 0
    Last Post: 30-08-2006, 13:48
  5. Install python; no success?!
    By ikerstges in forum WL-500g Q&A
    Replies: 4
    Last Post: 07-03-2006, 15:36

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •