V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
justincnn
V2EX  ›  Telegram

[help]fail2ban 的 telegram 通知一直无法成功

  •  
  •   justincnn · 297 天前 · 432 次点击
    这是一个创建于 297 天前的主题,其中的信息可能已经有所发展或是发生改变。

    听了论坛的话,在 vps 装了 fail2ban 之后,已经清净了好多, 为了方便管理,想装了 telegram 的通知,搜索了教程之后,发现一直无法成功, V 版的大神,方便的话,帮忙看下,谢谢,

    • 在/etc/fail2ban/action.d/中新建 telegram.conf 文件并写入
    [Definition]
    actionstart = /etc/fail2ban/scripts/send_telegram_notif.sh -a start
    actionstop = /etc/fail2ban/scripts/send_telegram_notif.sh -a stop
    actioncheck =
    actionban = /etc/fail2ban/scripts/send_telegram_notif.sh -n <name> -b <ip>
    actionunban = /etc/fail2ban/scripts/send_telegram_notif.sh -n <name> -u <ip>
    [Init]
    init = 123
    

    在/etc/fail2ban/中新建 scripts 目录,并新增 send_telegram_notif.sh 脚本文件写入

    
    #!/bin/bash
    # Version 1.0
    # Send Fail2ban notifications using a Telegram Bot
    # Add to the /etc/fail2ban/jail.conf:
    # [sshd]
    # ***
    # action  = iptables[name=SSH, port=22, protocol=tcp]
    #                       telegram
    # Create a new file in /etc/fail2ban/action.d with the following information:
    # [Definition]
    # actionstart = /etc/fail2ban/scripts/send_telegram_notif.sh -a start
    # actionstop = /etc/fail2ban/scripts/send_telegram_notif.sh -a stop
    # actioncheck =
    # actionban = /etc/fail2ban/scripts/send_telegram_notif.sh -n <name> -b <ip>
    # actionunban = /etc/fail2ban/scripts/send_telegram_notif.sh -n <name> -u <ip>
    #
    # [Init]
    # init = 123
    # Telegram BOT Token
    telegramBotToken='xxxxx' 
    #此处替换为自己 Telegram 机器人 Token
    # Telegram Chat ID
    telegramChatID='xxxxx'#此处替换为自己的 Chat ID
    function talkToBot() {
            message=$1
            curl -s -X POST https://api.telegram.org/bot${telegramBotToken}/
    sendMessage -d text="${message}"-d chat_id=${telegramChatID} > /dev/null 2>&1
    }
    if[ $# -eq 0 ]; then
            echo "Usage $0 -a ( start || stop ) || -b $IP || -u $IP"
            exit 1;
    fi
    while getopts "a:n:b:u:" opt; do
    case"$opt"in
                    a)
                            action=$OPTARG
    ;;
                    n)
                            jail_name=$OPTARG
    ;;
                    b)
                            ban=y
                            ip_add_ban=$OPTARG
    ;;
                    u)
                            unban=y
                            ip_add_unban=$OPTARG
    ;;
                    ?)
                            echo "Invalid option. -$OPTARG"
                            exit 1
    ;;
    esac
    done
    if[[ ! -z ${action} ]]; then
    case"${action}"in
                    start)
                            talkToBot "Fail2ban has been started on `hostname`."
    ;;
                    stop)
                            talkToBot "Fail2ban has been stopped on `hostname`."
    ;;
    *)
                            echo "Incorrect option"
                            exit 1;
    ;;
    esac
    elif[[ ${ban} == "y"]]; then
            talkToBot "[${jail_name}] The IP: ${ip_add_ban} has been banned on `hostname`."
            exit 0;
    elif[[ ${unban} == "y"]]; then
            talkToBot "[${jail_name}] The IP: ${ip_add_unban} has been unbanned on `hostname`."
            exit 0;
    else
            info
    fi
    

    执行:

    chmod +x send_telegram_notif.sh
    

    修改:/etc/fail2ban/jail.local 配置文件,将启用的 jail 的 action 下添加一个 telegram ,

    action  = iptables[name=SSH,port=2202,protocol=tcp]
                telegram
    

    重启 fail2ban

    systemctl restart fail2ban
    
    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2773 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 21ms · UTC 09:26 · PVG 17:26 · LAX 01:26 · JFK 04:26
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.