Créer le fichier /etc/fail2ban/jail.local :
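# jail.local: local overrides merged on top of the stock jail.conf.
[DEFAULT]
[sshd]
# Addresses that are never banned (loopback plus one trusted address).
# Keep this list as short as possible: failures from these sources are ignored entirely.
ignoreip = 127.0.0.1/8 ::1 86.xx.xx.xx
# Window, in seconds, in which failures are counted (3600 = 1 hour).
findtime = 3600
# Ban duration in seconds (86400 = 24 hours).
bantime = 86400
# Failures allowed inside findtime before the address is banned.
maxretry = 5
enabled = true
# "action" replaces the jail's default action instead of extending it. Listing
# only the webhook would send notifications without ever blocking the address,
# so the default ban action is kept first and the webhook runs after it.
# %(action_)s is defined in [DEFAULT] of the stock jail.conf; verify it exists in yours.
# name=%(__name__)s passes the jail name explicitly, so the notification does not
# fall back to "default" on versions that do not supply it automatically.
action = %(action_)s
         webhook[name=%(__name__)s]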
Créer le fichier /etc/fail2ban/action.d/webhook.conf :
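[Definition]
# Notification-only action: each command POSTs a small JSON document to <webhook>.
# Nothing here blocks traffic, so the jail must also list a banning action.
# Continuation lines are indented; flush-left lines would be read as new options
# rather than as the rest of the curl command.
# --max-time bounds every call so an unreachable endpoint cannot hold up fail2ban.
# Notify on Startup
actionstart = curl --max-time 10 -X POST "<webhook>" \
              -H "Content-Type: application/json" \
              -d '{"jail": "<name>", "type":"jail start"}'
# Notify on Shutdown
actionstop = curl --max-time 10 -X POST "<webhook>" \
             -H "Content-Type: application/json" \
             -d '{"jail": "<name>", "type":"jail end"}'
# No pre-flight check is run before ban/unban commands.
actioncheck =
# Notify on Banned
# <bantime> is expressed in seconds (the jail sets 86400), so it is labelled as such.
# NOTE(review): whether <bantime> is filled in without being passed by the jail
# depends on the fail2ban version; confirm against a test ban.
actionban = curl --max-time 10 -X POST "<webhook>" \
            -H "Content-Type: application/json" \
            -d '{"jail": "<name>", "type":"ban", "ip": "<ip>", "bantime": "<bantime> seconds", "failures": "<failures>"}'
# Notify on Unbanned
actionunban = curl --max-time 10 -X POST "<webhook>" \
              -H "Content-Type: application/json" \
              -d '{"jail": "<name>", "type":"unban", "ip": "<ip>"}'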
[Init]
# Default values for the <name> and <webhook> tags used in [Definition].
# A jail can override them per action, e.g. webhook[name=...].
# Name of the jail in your jail.local file. default = [your-jail-name]
name = default
# Webhook URL
# A webhook URL usually acts as a bearer credential: whoever holds it can post
# to the endpoint. Keep this file readable by root only, and note that the URL
# appears in curl's command line while a notification is being sent.
webhook = https://xxxxxxxxxxxxxx
Restart the service:
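# Check the configuration before restarting: if jail.local or webhook.conf does
# not parse, the restart fails and sshd is left without fail2ban protection.
# (-t is available in fail2ban 0.10 and later.)
fail2ban-client -t && systemctl restart fail2ban
# Confirm that the sshd jail is loaded and running.
fail2ban-client status sshd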