From 5a68c724f2a4fd2a43debcb192abc9be03173a8e Mon Sep 17 00:00:00 2001
From: Zhang Huangbin
Date: Wed, 15 Apr 2020 20:59:37 +0800
Subject: [PATCH] Typo
---
en_US/howto/fail2ban.sql.md | 19 +++++++++++--------
html/fail2ban.sql.html | 22 +++++++++++++---------
2 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/en_US/howto/fail2ban.sql.md b/en_US/howto/fail2ban.sql.md
index 0bbaafbc..502d3de8 100644
--- a/en_US/howto/fail2ban.sql.md
+++ b/en_US/howto/fail2ban.sql.md
@@ -162,7 +162,7 @@ add or remove banned IP addresses.
## Enable the new action `banned_db`
-Now go to `/etc/fail2ban/jail.d/` and update config files for the jails you
+Now go to directory `/etc/fail2ban/jail.d/` and update config files for the jails you
want to store banned IP in SQL db. Let's take `dovecot.local` for example.
* The `action =` line in original file looks like this:
@@ -177,10 +177,11 @@ action = iptables-multiport[name=dovecot, port="80,443,25,587,465,110,995,1
!!! warning
- The name set in `banned_db[name=, ...]` line must be same as
- the jail name which is defined in the first line `[dovecot-iredmail]`.
- In above sample, it's `dovecot-iredmail`.
- Do __NOT__ copy the name used in `iptables-multiport[]` line.
+ * The name set in `banned_db[name=, ...]` line must be same as
+ the jail name which is defined in the first line `[dovecot-iredmail]`.
+ In above sample, jail name is `dovecot-iredmail`.
+ Do __NOT__ copy the name used in `iptables-multiport[...]` line.
+ * There's only one `action =` parameter for a jail.
```
[dovecot-iredmail]
@@ -201,15 +202,17 @@ Now add a cron job for `root` user:
* * * * * /bin/bash /usr/local/bin/fail2ban_banned_db unban_db
```
-It runs every minute and query SQL database to get IP addresses which are
-pending for removal.
+It runs every minute and queries SQL database to get banned IP addresses which
+are pending for removal.
-## Optional: Add GeoIP database to look up location of banned IP address
+## Optional: look up and store country name of banned IP address
Script `/usr/local/bin/fail2ban_banned_db` detects whether commands
`geoiplookup` and `geoiplookup6` exist, if exist, it runs the command to query
country of banned IP address and store it in SQL database.
+Both commands are offered by GeoIP related packages, please install them.
+
* On RHEL/CentOS 7:
```
diff --git a/html/fail2ban.sql.html b/html/fail2ban.sql.html
index 7cef17a0..febdba8a 100644
--- a/html/fail2ban.sql.html
+++ b/html/fail2ban.sql.html
@@ -29,7 +29,7 @@
Add required Fail2ban config file and script
Enable the new action banned_db
Add required cron job to query SQL database and unban IP addresses
-Optional: Add GeoIP database to look up location of banned IP address
+Optional: look up and store country name of banned IP address
Tests
Troubleshooting
@@ -178,7 +178,7 @@ from /root/.my.cnf-fail2ban
(OpenLDAP/MySQL/MariaDB backends) or
~postgresql/.pgpass
(PostgreSQL backend), then connect to SQL server and
add or remove banned IP addresses.
Enable the new action banned_db
-Now go to /etc/fail2ban/jail.d/
and update config files for the jails you
+
Now go to directory /etc/fail2ban/jail.d/
and update config files for the jails you
want to store banned IP in SQL db. Let's take dovecot.local
for example.
- The
action =
line in original file looks like this:
@@ -193,10 +193,13 @@ action = iptables-multiport[name=dovecot, port="80,443,25,587,465,110,
Add our new action under existing action:
Warning
-
The name set in banned_db[name=, ...]
line must be same as
-the jail name which is defined in the first line [dovecot-iredmail]
.
-In above sample, it's dovecot-iredmail
.
-Do NOT copy the name used in iptables-multiport[]
line.
+
+- The name set in
banned_db[name=, ...]
line must be same as
+ the jail name which is defined in the first line [dovecot-iredmail]
.
+ In above sample, jail name is dovecot-iredmail
.
+ Do NOT copy the name used in iptables-multiport[...]
line.
+- There's only one
action =
parameter for a jail.
+
@@ -213,12 +216,13 @@ action = iptables-multiport[name=dovecot, port="80,443,25,587,465,110,
* * * * * /bin/bash /usr/local/bin/fail2ban_banned_db unban_db
-It runs every minute and query SQL database to get IP addresses which are
-pending for removal.
-Optional: Add GeoIP database to look up location of banned IP address
+It runs every minute and queries SQL database to get banned IP addresses which
+are pending for removal.
+Optional: look up and store country name of banned IP address
Script /usr/local/bin/fail2ban_banned_db
detects whether commands
geoiplookup
and geoiplookup6
exist, if exist, it runs the command to query
country of banned IP address and store it in SQL database.
+Both commands are offered by GeoIP related packages, please install them.