{"id":5951,"date":"2016-05-17T12:24:01","date_gmt":"2016-05-17T04:24:01","guid":{"rendered":"http:\/\/rmohan.com\/?p=5951"},"modified":"2016-05-17T12:24:01","modified_gmt":"2016-05-17T04:24:01","slug":"banning-visitors-from-a-specific-country-using-fail2ban-centos-7","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=5951","title":{"rendered":"Banning visitors from a specific country using Fail2ban CENTOS 7"},"content":{"rendered":"<p>This article, we will take a look on how to exempt from banning visitors from a specific country using Fail2ban and geoip.<br \/>\nIt is assumed that Fail2ban is already installed and configured in your server.<br \/>\nLets install first the geoip:<\/p>\n<p>yum install geoip<\/p>\n<p>Create Fail2ban action script:<\/p>\n<p>vi \/etc\/fail2ban\/action.d\/geohostsdeny.conf<\/p>\n<p>Copy the following script:<\/p>\n<p>[Definition]<\/p>\n<p># Option:\u00a0 actionstart<br \/>\n# Notes.:\u00a0 command executed once at the start of Fail2Ban.<br \/>\n# Values:\u00a0 CMD<br \/>\n#<br \/>\nactionstart =<\/p>\n<p># Option:\u00a0 actionstop<br \/>\n# Notes.:\u00a0 command executed once at the end of Fail2Ban<br \/>\n# Values:\u00a0 CMD<br \/>\n#<br \/>\nactionstop =<\/p>\n<p># Option:\u00a0 actioncheck<br \/>\n# Notes.:\u00a0 command executed once before each actionban command<br \/>\n# Values:\u00a0 CMD<br \/>\n#<br \/>\nactioncheck =<\/p>\n<p># Option:\u00a0 actionban<br \/>\n# Notes.:\u00a0 command executed when banning an IP. Take care that the<br \/>\n#\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 command is executed with Fail2Ban user rights.<br \/>\n#\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Excludes PH|Philippines from banning.<br \/>\n# Tags:\u00a0\u00a0\u00a0 See jail.conf(5) man page<br \/>\n# Values:\u00a0 CMD<br \/>\n#<br \/>\nactionban = IP=&lt;ip&gt; &amp;&amp;<br \/>\nCOUNTRY=$(geoiplookup $IP | egrep &#8220;&lt;country_list&gt;&#8221;) &amp;&amp; [ &#8220;$COUNTRY&#8221; ] ||<br \/>\n(printf %%b &#8220;&lt;daemon_list&gt;: $IP\\n&#8221; &gt;&gt; &lt;file&gt;<\/p>\n<p># Option:\u00a0 actionunban<br \/>\n# Notes.:\u00a0 command executed when unbanning an IP. Take care that the<br \/>\n#\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 command is executed with Fail2Ban user rights.<br \/>\n# Tags:\u00a0\u00a0\u00a0 See jail.conf(5) man page<br \/>\n# Values:\u00a0 CMD<br \/>\n#<br \/>\nactionunban = IP=&lt;ip&gt; &amp;&amp; sed -i.old \/ALL:\\ $IP\/d &lt;file&gt;<\/p>\n<p>[Init]<\/p>\n<p># Option:\u00a0 country_list<br \/>\n# Notes.:\u00a0 List of exempted countries separated by pipe &#8220;|&#8221;<br \/>\n# Values:\u00a0 STR\u00a0 Default:<br \/>\n#<br \/>\ncountry_list = PH|Philippines<\/p>\n<p># Option:\u00a0 file<br \/>\n# Notes.:\u00a0 hosts.deny file path.<br \/>\n# Values:\u00a0 STR\u00a0 Default:\u00a0 \/etc\/hosts.deny<br \/>\n#<br \/>\nfile = \/etc\/hosts.deny<\/p>\n<p># Option:\u00a0 daemon_list<br \/>\n# Notes:\u00a0\u00a0 The list of services that this action will deny. See the man page<br \/>\n#\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 for hosts.deny\/hosts_access. Default is all services.<br \/>\n# Values:\u00a0 STR\u00a0 Default: ALL<br \/>\ndaemon_list = ALL<\/p>\n<p>The script above will exempt from banning the visitors from Philippines which defined in &#8220;country_list&#8221;.<br \/>\nTo enable our action script in Fail2Ban:<\/p>\n<p>vi \/etc\/fail2ban\/jail.local<\/p>\n<p>Copy the following line:<\/p>\n<p>banaction = geohostsdeny<\/p>\n<p>Restart Fail2Ban:<\/p>\n<p>systemctl restart fail2ban<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This article, we will take a look on how to exempt from banning visitors from a specific country using Fail2ban and geoip. It is assumed that Fail2ban is already installed and configured in your server. Lets install first the geoip:<\/p>\n<p>yum install geoip<\/p>\n<p>Create Fail2ban action script:<\/p>\n<p>vi \/etc\/fail2ban\/action.d\/geohostsdeny.conf<\/p>\n<p>Copy the following script:<\/p>\n<p>[Definition]<\/p>\n<p># [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5951"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5951"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5951\/revisions"}],"predecessor-version":[{"id":5952,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5951\/revisions\/5952"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}