#!/bin/bash # ============================================================================== # 脚本名称: fail2ban_setup.sh # 脚本功能: 自动化安装与配置 Fail2ban 动态防暴力破解(加强版) # 支持系统: Debian, Ubuntu, CentOS, RHEL, Rocky Linux, AlmaLinux # ============================================================================== # 颜色定义 RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[0;33m' BLUE='\033[0;36m' PLAIN='\033[0m' # 检查是否为 root 用户 if [ "$(id -u)" != "0" ]; then echo -e "${RED}错误:请使用 root 用户或通过 sudo 运行此脚本!${PLAIN}" exit 1 fi # 检测系统架构与发行版 if [ -f /etc/os-release ]; then . /etc/os-release OS=$ID VERSION_ID=$VERSION_ID else echo -e "${RED}错误:无法识别当前系统系统!${PLAIN}" exit 1 fi echo -e "${BLUE}==================================================${PLAIN}" echo -e "${GREEN} Fail2ban 动态防暴力破解一键配置脚本${PLAIN}" echo -e "${BLUE}==================================================${PLAIN}" # 1. 安装 Fail2ban install_fail2ban() { echo -e "${YELLOW}[1/3] 正在安装 Fail2ban...${PLAIN}" if [[ "$OS" == "ubuntu" || "$OS" == "debian" ]]; then apt-get update -y apt-get install -y fail2ban rsyslog elif [[ "$OS" == "centos" || "$OS" == "rhel" || "$OS" == "rocky" || "$OS" == "alma" ]]; then yum install -y epel-release yum makecache yum install -y fail2ban rsyslog else echo -e "${RED}暂不支持此系统发行版:$OS${PLAIN}" exit 1 fi if [ $? -eq 0 ]; then echo -e "${GREEN}Fail2ban 安装成功!${PLAIN}" else echo -e "${RED}Fail2ban 安装失败,请检查网络或软件源。${PLAIN}" exit 1 fi } # 2. 配置 Fail2ban configure_fail2ban() { echo -e "${YELLOW}[2/3] 正在配置防护规则...${PLAIN}" # 确保防火墙后端适配(有些新系统默认使用 nftables 或 firewalld,这里做基础兼容) BANACTION="iptables-multiport" if command -v ufw >/dev/null 2>&1; then BANACTION="ufw" elif command -v firewall-cmd >/dev/null 2>&1; then BANACTION="firewalld-multiport" fi # 创建自定义局部配置文件 jail.local cat > /etc/fail2ban/jail.local </dev/null 2>&1 # 启动 Fail2ban systemctl daemon-reload systemctl enable fail2ban systemctl restart fail2ban if systemctl is-active --quiet fail2ban; then echo -e "${GREEN}===============================================================================${PLAIN}" echo -e "${GREEN}🎉 Fail2ban 动态防暴破部署成功并已开始运行!查看状态:fail2ban-client status ${PLAIN}" echo -e "${GREEN}===============================================================================${PLAIN}" else echo -e "${RED}警告:Fail2ban 服务启动失败,请运行 'journalctl -u fail2ban' 查看错误日志。${PLAIN}" fi } # 简易管理菜单 show_status() { echo -e "\n${BLUE}--- Fail2ban 当前防护状态 ---${PLAIN}" if systemctl is-active --quiet fail2ban; then # 获取被封禁的 SSH IP INFO=$(fail2ban-client status sshd) echo "$INFO" else echo -e "${RED}Fail2ban 未在运行!${PLAIN}" fi } # 执行流程 install_fail2ban configure_fail2ban start_services