LibreNMS - snmp extend fail2ban

From wiki.1001solutions.net
Revision as of 15:45, 3 May 2020 by Z (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)



Fail2ban LibreNMS script

Get the script and make it executable:

wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O /etc/snmp/fail2ban && chmod +x /etc/snmp/fail2ban


sudo Configuration

Adapt your /etc/sudoers with:

Debian-snmp ALL=(ALL) NOPASSWD: /etc/snmp/fail2ban


SNMP Configuration

Adapt your /etc/snmp/snmpd.conf with:

extend fail2ban /usr/bin/sudo /etc/snmp/fail2ban -c -U

Restart the service.


Crontab

Add to the crontab:

*/3    *    *    *    *    root    /etc/snmp/fail2ban -u


Check Command

Adapt the user and path to your configuration:

sudo -u Debian-snmp /etc/snmp/fail2ban

In case of bug with the Perl @NIC, execute:

cpan JSON


Sources