As usual, CentOS 7 brings many adventures to the sysadmin, and installing Fail2Ban was no exception.
We need the epel repo installed.
sudo yum install epel-release
Install the following two fail2ban packages.
sudo yum install fail2ban fail2ban-systemd
Make the local jail file by copying jail.conf.
sudo cp -pf /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
In this file I add my home IP address to the ignoreip line.
sudo vim /etc/fail2ban/jail.local
Create the sshd jail.
sudo vim /etc/fail2ban/jail.d/sshd.local
[sshd]
enabled = true
port = ssh
#banaction = firewallcmd-ipset
banaction = iptables-allports
logpath = %(sshd_log)s
maxretry = 5
bantime = 86400
Issue the usual start and enable commands.
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
Check on the status of our jail.
sudo fail2ban-client status sshd
View the firewall rules associated with any bans.
sudo iptables -L -n
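To see what maxretry = 5 and bantime = 86400 from the sshd jail mean in practice, the following is a simplified model of the failure counting, run over constructed log lines. It is an added example, not Fail2Ban's own code and not part of the original post; the findtime of 600 seconds, the ignoreip entries and the sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

MAXRETRY, BANTIME = 5, 86400      # values from the sshd jail above
FINDTIME = 600                    # assumed; the page does not set findtime
# Assumed ignoreip entries; 203.0.113.7 stands in for the home address.
IGNOREIP = [ip_network("127.0.0.0/8"), ip_network("203.0.113.7/32")]

FAIL_RE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                     r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

def simulate(lines, year=2024):
    """Return {ip: (banned_at, unban_at)} for a simplified maxretry/findtime model."""
    recent = defaultdict(deque)   # ip -> failure times inside the findtime window
    bans = {}
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = ip_address(m.group(2))
        if any(ip in net for net in IGNOREIP):
            continue                              # ignoreip: never counted
        if str(ip) in bans and when < bans[str(ip)][1]:
            continue                              # ban still active
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > FINDTIME:
            window.popleft()                      # drop failures older than findtime
        if len(window) >= MAXRETRY:
            bans[str(ip)] = (when, when + timedelta(seconds=BANTIME))
            window.clear()
    return bans

def sample_log():
    """Constructed /var/log/secure lines using documentation address ranges."""
    fmt = "Mar  3 10:{:02d}:{:02d} host sshd[4242]: Failed password for root from {} port 50000 ssh2"
    lines = [fmt.format(0, 10 * i, "198.51.100.23") for i in range(5)]   # 5 failures in 40 s
    lines += [fmt.format(4 * i, 0, "192.0.2.50") for i in range(5)]      # 5 failures over 16 min
    lines += [fmt.format(20, i, "203.0.113.7") for i in range(6)]        # host listed in ignoreip
    return lines

if __name__ == "__main__":
    for ip, (start, end) in simulate(sample_log()).items():
        print(f"{ip} banned {start} until {end}")
```

Only the first address is banned: the slow source never reaches five failures inside one findtime window, which is why findtime matters as much as maxretry when tuning the jail.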