# sudo apt-get install fail2ban
# sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# sudo nano /etc/fail2ban/jail.local
# Values edited in /etc/fail2ban/jail.local.
# NOTE(review): these look like [DEFAULT]-section settings - confirm which
# section of jail.local they are placed in.
#
# Addresses and networks that are never banned: loopback plus the whole
# 192.168.1.0/24 subnet. Every host on that subnet, including a compromised
# one, is exempt from banning; narrow this to specific admin hosts if the LAN
# is not fully trusted.
ignoreip = 127.0.0.1/8 192.168.1.0/24
# A negative bantime makes the ban permanent (it never expires by itself).
bantime = -1
# Window, in seconds, over which failures are counted: 31536000 s = 365 days.
findtime = 31536000
# Failures within findtime that trigger a ban. With the two values above,
# three failed attempts in a year from a non-ignored address cause a permanent
# ban, so keep an access path that does not depend on that address.
maxretry = 3
# Create the persistent blacklist file, then back up and open the stock
# multiport action so it can be modified.
# The blacklist is created through sudo and its lines are later passed to
# iptables, so it should stay writable by root only.
# NOTE(review): the .bak copy preserves the original file; whether a package
# upgrade overwrites the edited file is not covered here - verify.
blacklist=/etc/fail2ban/ip.blacklist
action_conf=/etc/fail2ban/action.d/iptables-multiport.conf

sudo touch "$blacklist"
sudo cp "$action_conf" "$action_conf.bak"
sudo nano "$action_conf"
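# Replacement actionstart / actionban for
# /etc/fail2ban/action.d/iptables-multiport.conf.
#
# <name>, <chain>, <protocol>, <port> and <ip> are fail2ban tags that are
# substituted when the action runs; they must be typed literally, angle
# brackets included. Without them the commands address a chain called
# "fail2ban-" and pass no address to -s.
# Continuation lines of a multi-line value must be indented.
#
# The blacklist holds one "<ip>,<name>" entry per line. Its lines are handed
# to iptables by root, so the file must not be writable by other users.
# NOTE(review): no actionunban change is shown, so an unban presumably leaves
# the entry in ip.blacklist and it is loaded again at the next start.
actionstart = iptables -N fail2ban-<name>
              iptables -A fail2ban-<name> -j RETURN
              iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
# This configuration loads the ip.blacklist file every time Fail2ban service is started.
# The pattern starts at the comma so that only entries whose jail field is
# exactly <name> are loaded; read -r and the quoted "$IP" keep each address a
# single, unmodified argument.
              if [ -f /etc/fail2ban/ip.blacklist ]; then grep -e ',<name>$' /etc/fail2ban/ip.blacklist | cut -d "," -s -f 1 | while read -r IP; do iptables -I fail2ban-<name> 1 -s "$IP" -j DROP; done; fi
# Insert the DROP rule only if an identical rule is not already in the chain.
actionban = if ! iptables -C fail2ban-<name> -s <ip> -j DROP; then iptables -I fail2ban-<name> 1 -s <ip> -j DROP; fi
# Add offenders to ip.blacklist file, if it is not already there yet.
# grep -Fx compares the whole line as a fixed string, so the dots in the
# address are not treated as wildcards.
            if ! grep -Fxq '<ip>,<name>' /etc/fail2ban/ip.blacklist; then echo '<ip>,<name>' >> /etc/fail2ban/ip.blacklist; fi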
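# Apply the edited configuration and confirm that the fail2ban chains and
# their DROP rules are present.
sudo /etc/init.d/fail2ban restart
sudo iptables -L -n

# --- Lifting a ban ---------------------------------------------------------
# JAIL_NAME, IP_ADDRESS and RULE_NUMBER are placeholders, not literal values:
# substitute the jail name, the banned address and the rule's line number.

# 1. Ask fail2ban to drop the live ban.
sudo fail2ban-client set JAIL_NAME unbanip IP_ADDRESS

# 2. Remove the persisted entry so that it is not loaded again at the next
#    start. Entries appear to be one "address,jail" pair per line. Keep the
#    ^...$ anchors and write each dot of the address as \. so that only this
#    exact entry is deleted; a bare '/,/d' would delete every line that
#    contains a comma, i.e. the whole blacklist.
sudo sed --in-place '/^IP_ADDRESS,JAIL_NAME$/d' /etc/fail2ban/ip.blacklist
sudo fail2ban-client reload

# --- Removing a leftover rule by hand --------------------------------------
# Check whether a rule for the address is still loaded (-F matches the
# address as a fixed string), list it again with line numbers, then delete it
# by that number. fail2ban-ssh is the chain of the jail named "ssh".
sudo iptables -L -n | grep -F -- IP_ADDRESS
sudo iptables -L -n --line-numbers | grep -F -- IP_ADDRESS
sudo iptables -D fail2ban-ssh RULE_NUMBER
# Run through sudo like the earlier reload.
sudo fail2ban-client reload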