diff --git a/en_US/howto/fail2ban.sql.md b/en_US/howto/fail2ban.sql.md index ec5c69d4..0bbaafbc 100644 --- a/en_US/howto/fail2ban.sql.md +++ b/en_US/howto/fail2ban.sql.md @@ -155,9 +155,10 @@ File `/etc/fail2ban/action.d/banned_db.conf` indicates we now have a new action named `banned_db` (it's file name without extension). Feel free to open this file and check what it does. -Script `/usr/local/bin/fail2ban_banned_db` will read `/root/.my.cnf-fail2ban` -(OpenLDAP/MySQL/MariaDB backends) or `~postgresql/.pgpass` (PostgreSQL backend) -to read SQL credential. +Script `/usr/local/bin/fail2ban_banned_db` will read SQL username and password +from `/root/.my.cnf-fail2ban` (OpenLDAP/MySQL/MariaDB backends) or +`~postgresql/.pgpass` (PostgreSQL backend), then connect to SQL server and +add or remove banned IP addresses. ## Enable the new action `banned_db` diff --git a/html/fail2ban.sql.html b/html/fail2ban.sql.html index 653b3caa..7cef17a0 100644 --- a/html/fail2ban.sql.html +++ b/html/fail2ban.sql.html @@ -173,9 +173,10 @@ chmod 0550 /usr/local/bin/fail2ban_banned_db
File /etc/fail2ban/action.d/banned_db.conf
indicates we now have a new action
named banned_db
(it's file name without extension). Feel free to open this
file and check what it does.
Script /usr/local/bin/fail2ban_banned_db
will read /root/.my.cnf-fail2ban
-(OpenLDAP/MySQL/MariaDB backends) or ~postgresql/.pgpass
(PostgreSQL backend)
-to read SQL credential.
Script /usr/local/bin/fail2ban_banned_db
will read SQL username and password
+from /root/.my.cnf-fail2ban
(OpenLDAP/MySQL/MariaDB backends) or
+~postgresql/.pgpass
(PostgreSQL backend), then connect to SQL server and
+add or remove banned IP addresses.
banned_db
Now go to /etc/fail2ban/jail.d/
and update config files for the jails you
want to store banned IP in SQL db. Let's take dovecot.local
for example.