sudo apt update
sudo apt install fail2ban -y
sudo vi /etc/fail2ban/jail.local
# -1 means forever
[DEFAULT]
ignoreip = 127.0.0.1 11.22.33.44 55.66.77.88
bantime = -1
findtime = -1
maxentry = 3
maxretry = 3
sendername = Fail2Ban
destemail = root@localhost
mta = sendmail
protocol = tcp
chain = INPUT
banaction = iptables-multiport
action = %(action_)s # without sending emails
# JAILS
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = %(sshd_log)s
sudo systemctl enable fail2ban
sudo service fail2ban restart
sudo service fail2ban status
sudo fail2ban-client status
sudo tail -f /var/log/fail2ban.log