Difference between revisions of "LibreNMS - snmp extend fail2ban"
From wiki.1001solutions.net
(Created page with "Category:Post-It = NginX LibreNMS script = Get the script: <nowiki> wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O /etc/snmp/fail2ban</no...") |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
− | = | + | = Fail2ban LibreNMS script = |
− | Get the script: | + | Get the script and make it executable: |
<nowiki> | <nowiki> | ||
− | wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O /etc/snmp/fail2ban</nowiki> | + | wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O /etc/snmp/fail2ban && chmod +x /etc/snmp/fail2ban</nowiki> |
− | |||
− | |||
Line 25: | Line 23: | ||
Adapt your ''/etc/snmp/snmpd.conf'' with: | Adapt your ''/etc/snmp/snmpd.conf'' with: | ||
<nowiki> | <nowiki> | ||
− | extend | + | extend fail2ban /usr/bin/sudo /etc/snmp/fail2ban -c -U</nowiki> |
Restart the service. | Restart the service. | ||
+ | |||
+ | |||
+ | |||
+ | = Crontab = | ||
+ | |||
+ | Add to the crontab: | ||
+ | <nowiki> | ||
+ | */3 * * * * root /etc/snmp/fail2ban -u</nowiki> | ||
Latest revision as of 16:45, 3 May 2020
Contents
Fail2ban LibreNMS script
Get the script and make it executable:
wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O /etc/snmp/fail2ban && chmod +x /etc/snmp/fail2ban
sudo Configuration
Adapt your /etc/sudoers with:
Debian-snmp ALL=(ALL) NOPASSWD: /etc/snmp/fail2ban
SNMP Configuration
Adapt your /etc/snmp/snmpd.conf with:
extend fail2ban /usr/bin/sudo /etc/snmp/fail2ban -c -U
Restart the service.
Crontab
Add to the crontab:
*/3 * * * * root /etc/snmp/fail2ban -u
Check Command
Adapt the user and path to your configuration:
sudo -u Debian-snmp /etc/snmp/fail2ban
In case of bug with the Perl @NIC, execute:
cpan JSON
Sources