Академический Документы
Профессиональный Документы
Культура Документы
# WAN
auto eth0
iface eth0 inet dhcp
# LAN
auto eth1
iface eth1 inet static
address 192.168.20.1
network 192.168.20.0
netmask 255.255.255.0
broadcast 192.168.20.255
DEFAULT_FORWARD_POLICY="ACCEPT"
net.ipv4.ip_forward=1
# don't delete the 'COMMIT' line or these nat table rules won't be
processed
COMMIT
INTERFACES="eth1"
default-lease-time 600;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
STEP 4: SECURITY
LogLevel VERBOSE
test with:
sudo fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf | more