fail2ban tool monitors your log files and acts as soon as it discovers malicious behavior in the way you told it to. One common use case is blocking malicious IP addresses by establishing firewall rules on the fly using iptables.
In this section, we'll take a look at how to set up a basic protection for by SSH using
Make sure that you have a cookbook named
my_cookbook and that the
run_list of your node includes
my_cookbook, as described in the Creating and using cookbooks recipe in Chapter 1, Chef Infrastructure.
Make sure that you have created the
ssh.erb template for your
iptables rule as described in the Managing firewalls with iptables recipe in this chapter.
Berksfile in your Chef repository including