Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/shafiqsaaidin/fail2ban-telegram-notification

Send notification to Telegram when fail2ban ban and unband an IP Address to alert Network Admin
https://github.com/shafiqsaaidin/fail2ban-telegram-notification

fail2ban-telegram-notification notification ssh telegram telegram-bot

Last synced: 3 months ago
JSON representation

Send notification to Telegram when fail2ban ban and unband an IP Address to alert Network Admin

Host: GitHub
URL: https://github.com/shafiqsaaidin/fail2ban-telegram-notification
Owner: shafiqsaaidin
Created: 2018-02-19T12:52:25.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2021-01-11T03:18:47.000Z (about 4 years ago)
Last Synced: 2024-08-02T22:22:53.365Z (6 months ago)
Topics: fail2ban-telegram-notification, notification, ssh, telegram, telegram-bot
Language: Shell
Homepage:
Size: 10.7 KB
Stars: 77
Watchers: 7
Forks: 25
Open Issues: 3
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# fail2ban-telegram-notification
Send notification to telegram when fail2ban ban an IP address and unband an IP address

### Requirement
- openssh
- vsftpd
- fail2ban
- curl
- telegram bot api

### Installation
`$ sudo apt install vsftpd fail2ban ssh-server`

### Configuration
#### Fail2ban
- Create a copy of jail.conf `cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local`.
- Create ban rules in jail.local

ignoreip = 127.0.0.1/8 192.168.1.101
bantime = 3600
findtime = 120
maxretry = 3

- Protect vsftpd with fail2ban. Make chage to [vsftpd] section in jail.local
enabled = true
filter = vsftpd
action =
iptables[name=VSFTPD, port=21, protocol=tcp]
telegram

- If you want to protect SSH with fail2ban add this to [sshd]
enabled = true
filter = sshd
maxretry = 3
logpath = /var/log/auth.log
action =
iptables[name=SSH, port=22, protocol=tcp]
telegram

- Make script directory to place our shell script
`sudo mkdir /etc/fail2ban/scripts/`
in the following directory add `fail2ban-telegram.sh`

- Copy telegram.conf to `/etc/fail2ban/action.d/` directory
`cp telegram.conf /etc/fail2ban/action.d/`

- Edit fail2ban-telegram.sh and replace the `apiToken` and `chatId` with your api. You must create telegram bot first and get the api key [here](https://www.sohamkamani.com/blog/2016/09/21/making-a-telegram-bot/)

### Start the service
systemctl start ssh-server
systemctl start vsftpd
systemctl start fail2ban

### Demo video
[![Fail2ban with telegram notification](http://img.youtube.com/vi/LYLiCK5XGXk/0.jpg)](https://youtu.be/LYLiCK5XGXk)