- 1. 概要
- 2. インストール
- 3. 構成
1. 概要
ここでは、まず、「FreeBSD」へ「ports」でインストールする方法を記述します。
2. インストール
「root」ユーザ権限で。
cd /usr/ports/security/py-fail2ban
make config
オプションは、デフォルトのままにしておきます。
make NO_DIALOG=yes
make install
ビルドもインストールも短時間で終わります。
インストール時のメッセージを記録しておきます。
===> Installing for py312-fail2ban-1.1.0_8
===> Checking if py312-fail2ban is already installed
===> Registering installation for py312-fail2ban-1.1.0_8
Installing py312-fail2ban-1.1.0_8...
Please do not edit the fail2ban.conf, jail.conf, or any other
files in the distribution as they will be overwritten upon each
upgrade of the port. Instead, create new files named *.local e.g.
fail2ban.local or jail.local.
For more information, see the official manual:
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Configuration
If you have custom filters or actions and you are upgrading from
0.9.x please check them.
Users of pf: please read the notes in action.d/pf.conf and the
discussion at https://github.com/fail2ban/fail2ban/pull/1925
Please note that fail2ban will put curly braces '{}' around the
ports in the action so you shouldn't do it yourself.
上記は、「FreeBSD 15.0-RELEASE-p2」へ、2026年2月27日にインストールしたときのものです。
3. 構成
インストールした時点で、サービス起動用の。
/usr/local/etc/rc.d/fail2ban
と下記の設定用ファイルが作成されています(6 ディレクトリ、178 ファイル)。
/usr/local/etc/fail2ban/
|-- action.d
| |-- abuseipdb.conf
| |-- apf.conf
| |-- apprise.conf
| |-- blocklist_de.conf
| |-- bsd-ipfw.conf
| |-- cloudflare-token.conf
| |-- cloudflare.conf
| |-- complain.conf
| |-- dshield.conf
| |-- dummy.conf
| |-- firewallcmd-allports.conf
| |-- firewallcmd-common.conf
| |-- firewallcmd-ipset.conf
| |-- firewallcmd-multiport.conf
| |-- firewallcmd-new.conf
| |-- firewallcmd-rich-logging.conf
| |-- firewallcmd-rich-rules.conf
| |-- helpers-common.conf
| |-- hostsdeny.conf
| |-- ipfilter.conf
| |-- ipfw.conf
| |-- ippool.conf
| |-- iptables-allports.conf
| |-- iptables-ipset-proto4.conf
| |-- iptables-ipset-proto6-allports.conf
| |-- iptables-ipset-proto6.conf
| |-- iptables-ipset.conf
| |-- iptables-multiport-log.conf
| |-- iptables-multiport.conf
| |-- iptables-new.conf
| |-- iptables-xt_recent-echo.conf
| |-- iptables.conf
| |-- ipthreat.conf
| |-- mail-buffered.conf
| |-- mail-whois-common.conf
| |-- mail-whois-lines.conf
| |-- mail-whois.conf
| |-- mail.conf
| |-- mikrotik.conf
| |-- mynetwatchman.conf
| |-- netscaler.conf
| |-- nftables-allports.conf
| |-- nftables-multiport.conf
| |-- nftables.conf
| |-- nginx-block-map.conf
| |-- npf.conf
| |-- nsupdate.conf
| |-- osx-afctl.conf
| |-- osx-ipfw.conf
| |-- pf.conf
| |-- route.conf
| |-- sendmail-buffered.conf
| |-- sendmail-common.conf
| |-- sendmail-geoip-lines.conf
| |-- sendmail-whois-ipjailmatches.conf
| |-- sendmail-whois-ipmatches.conf
| |-- sendmail-whois-lines.conf
| |-- sendmail-whois-matches.conf
| |-- sendmail-whois.conf
| |-- sendmail.conf
| |-- shorewall-ipset-proto6.conf
| |-- shorewall.conf
| |-- smtp.py
| |-- symbiosis-blacklist-allports.conf
| |-- ufw.conf
| `-- xarf-login-attack.conf
|-- fail2ban.conf
|-- fail2ban.d
|-- filter.d
| |-- 3proxy.conf
| |-- apache-auth.conf
| |-- apache-badbots.conf
| |-- apache-botsearch.conf
| |-- apache-common.conf
| |-- apache-fakegooglebot.conf
| |-- apache-modsecurity.conf
| |-- apache-nohome.conf
| |-- apache-noscript.conf
| |-- apache-overflows.conf
| |-- apache-pass.conf
| |-- apache-shellshock.conf
| |-- assp.conf
| |-- asterisk.conf
| |-- bitwarden.conf
| |-- botsearch-common.conf
| |-- bsd-sendmail.conf
| |-- bsd-sshd-session.conf
| |-- bsd-sshd.conf
| |-- bsdftp.conf
| |-- centreon.conf
| |-- common.conf
| |-- counter-strike.conf
| |-- courier-auth.conf
| |-- courier-smtp.conf
| |-- cyrus-imap.conf
| |-- dante.conf
| |-- directadmin.conf
| |-- domino-smtp.conf
| |-- dovecot.conf
| |-- dropbear.conf
| |-- drupal-auth.conf
| |-- ejabberd-auth.conf
| |-- exim-common.conf
| |-- exim-spam.conf
| |-- exim.conf
| |-- freeswitch.conf
| |-- froxlor-auth.conf
| |-- gitlab.conf
| |-- grafana.conf
| |-- groupoffice.conf
| |-- gssftpd.conf
| |-- guacamole.conf
| |-- haproxy-http-auth.conf
| |-- horde.conf
| |-- ignorecommands
| | `-- apache-fakegooglebot
| |-- kerio.conf
| |-- lighttpd-auth.conf
| |-- mongodb-auth.conf
| |-- monit.conf
| |-- monitorix.conf
| |-- mssql-auth.conf
| |-- murmur.conf
| |-- mysqld-auth.conf
| |-- nagios.conf
| |-- named-refused.conf
| |-- nginx-bad-request.conf
| |-- nginx-botsearch.conf
| |-- nginx-error-common.conf
| |-- nginx-forbidden.conf
| |-- nginx-http-auth.conf
| |-- nginx-limit-req.conf
| |-- nsd.conf
| |-- openhab.conf
| |-- openwebmail.conf
| |-- oracleims.conf
| |-- pam-generic.conf
| |-- perdition.conf
| |-- php-url-fopen.conf
| |-- phpmyadmin-syslog.conf
| |-- portsentry.conf
| |-- postfix.conf
| |-- proftpd.conf
| |-- pure-ftpd.conf
| |-- qmail.conf
| |-- recidive.conf
| |-- roundcube-auth.conf
| |-- routeros-auth.conf
| |-- scanlogd.conf
| |-- screensharingd.conf
| |-- selinux-common.conf
| |-- selinux-ssh.conf
| |-- sendmail-auth.conf
| |-- sendmail-reject.conf
| |-- sieve.conf
| |-- slapd.conf
| |-- softethervpn.conf
| |-- sogo-auth.conf
| |-- solid-pop3d.conf
| |-- squid.conf
| |-- squirrelmail.conf
| |-- sshd.conf
| |-- stunnel.conf
| |-- suhosin.conf
| |-- tine20.conf
| |-- traefik-auth.conf
| |-- uwimap-auth.conf
| |-- vsftpd.conf
| |-- webmin-auth.conf
| |-- wuftpd.conf
| |-- xinetd-fail.conf
| |-- znc-adminlog.conf
| `-- zoneminder.conf
|-- jail.conf
|-- jail.d
|-- paths-arch.conf
|-- paths-common.conf
|-- paths-debian.conf
|-- paths-fedora.conf
|-- paths-freebsd.conf
|-- paths-opensuse.conf
`-- paths-osx.conf
|
|
