Instal fail2ban to smartos and add simple rule for ssh.
TODO: List you cookbook attributes here.
mkdir -p localmode/cookbooks
git clone https://github.com/higanworks-cookbooks/fail2ban_smartos.git localmode/cookbooks/fail2ban_smartos
cd localmode
chef-client -z -o 'fail2ban_smartos::tcp_wrapper'
-- snip --
Recipe: fail2ban_smartos::default
* service[fail2ban] action reload
- reload service service[fail2ban]
Just include fail2ban_smartos in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[fail2ban_smartos]"
]
}Install fail2ban and enable ssh rule below:
[ssh-ipfilter]
enabled = true
maxretry = 8
filter = sshd
action = ipfilter
logpath = /var/log/authlog
- Fork the repository on Github
- Create a named feature branch (like
add_component_x) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Github
Authors: Sawanobori Yukihiko(HiganWorks LLC)