Plusieurs points qui nécessiteront une mise à jour du tuto
- j ai du creer manuellement le fichier "auth.log" dans "/var/log/owncloud"
- je me suis trompé dans les postinit et shudown dans Système|Avancé|Scripts de commande
il faut mettre
"/mnt/pool1/app/f2banner start" en postinit
"/mnt/pool1/app/fail2banner stop" en shutdown
ces 2 fichiers doivent au préalable etre rendu excecutable
chmod a+x /mnt/pool1/app/f2banner
chmod a+x /mnt/pool1/app/fail2banner
ensuite soit sur d'avoir bien modifier le fichier database.php
et d'avoir modifier l IP dans
tu remplaces 10.0.0.21 par celle de ta jail[owncloud]
enabled = true
action = owncloud[localhost=10.0.0.21]
filter = owncloud
logpath = /var/log/owncloud/auth.log
maxretry = 3
et enfin
tu remplaces également l IP et le port 443 par le port que tu as mis dans lighttpd.conf# Fail2Ban configuration file
#
# Author: Nick Munger
# Modified by: Alexey Kruglov
#
# $Revision$
#
[Definition]
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart =
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop =
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionban = echo "ipfw add deny tcp from <ip> to <localhost> <port>" > /tmp/fail2ban
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionunban = echo "ipfw delete \`ipfw list | grep -i <ip> | awk '{print \$1;}'\`" > /tmp/fail2ban
[Init]
# Option: port
# Notes.: specifies port to monitor, as for me, it not understand http and https, I wrote port number
# Values: [ NUM | STRING ]
#
port = 443
# Option: localhost
# Notes.: the local IP address of the network interface
# Values: IP
#
localhost = 127.0.0.1 10.0.0.21
Ensuite tu relances le serveur
deja on voit ca apres on avise

