源码安装fail2ban

源码安装fail2ban

碎碎念：
这几天早上都比较凉爽，甚至有一丝凉意，到了中午下午太阳出来，还有些许燥热。下班后，抬头只见蓝天白云，天上的云朵像棉花糖一样铺了几朵，余晖落在身上，有种温暖舒适的感觉，这一刻尽情享受生命的美好。

下载

https://github.com/fail2ban/fail2ban/releases

安装

源码安装可以用于centos，欧拉系统等

这里以欧拉系统为例

先安装python环境：

dnf install python3

解压：

tar -zxf fail2ban-1.1.0.tar.gz

安装：

python3 setup.py install

然后就是复制jail.conf为jail.local去jail.local进行相关配置，具体使用方法可以参考：https://www.cnblogs.com/sillage/p/13966485.html ，此处不再详讲

tips：可以使用fail2ban-server -t检查你的jail.local语法是否正确

添加fail2ban服务

复制源码安装包中build目录下的fail2ban.service到/usr/lib/systemd/system

cp fail2ban-1.1.0/build/fail2ban.service  /usr/lib/systemd/system/fail2ban.service

修改fail2ban.service中python环境为本机的具体路径：

[Service]
Type=simple
#Environment="PYTHONNOUSERSITE=1" 这里是原本的，要改为具体的python环境的路径，参考下面
Enviroment="PYTHONPATH=/usr/local/lib/python3.11/site-packages/"

完整的fail2ban.service如下：

[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service[Service]
Type=simple
#Environment="PYTHONNOUSERSITE=1"
Enviroment="PYTHONPATH=/usr/local/lib/python3.11/site-packages/"
ExecStartPre=/bin/mkdir -p /run/fail2ban
ExecStart=/usr/local/bin/fail2ban-server -xf start
# if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local
# ExecStart=/usr/local/bin/fail2ban-server -xf --logtarget=sysout start
ExecStop=/usr/local/bin/fail2ban-client stop
ExecReload=/usr/local/bin/fail2ban-client reload
PIDFile=/run/fail2ban/fail2ban.pid
Restart=on-failure
RestartPreventExitStatus=0 255[Install]
WantedBy=multi-user.target

直接一键三连：

systemctl daemon-reload
systemctl enable --now fail2ban
systemctl start fail2ban

可以看到fail2ban服务已经正常启动了

可能遇到的报错

启动fail2ban服务的时候报错：

× fail2ban.service - Fail2Ban ServiceLoaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; preset: disabled)Active: failed (Result: exit-code) since Thu 2025-09-25 15:04:59 CST; 3s agoDuration: 29msDocs: man:fail2ban(1)Process: 2499477 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)Process: 2499480 ExecStart=/usr/local/bin/fail2ban-server -xf start (code=exited, status=1/FAILURE)Main PID: 2499480 (code=exited, status=1/FAILURE)Sep 25 15:04:59 test systemd[1]: fail2ban.service: Scheduled restart job, restart counter is at 5.
Sep 25 15:04:59 test systemd[1]: fail2ban.service: Start request repeated too quickly.
Sep 25 15:04:59 test systemd[1]: fail2ban.service: Failed with result 'exit-code'.
Sep 25 15:04:59 test systemd[1]: Failed to start Fail2Ban Service.

这是因为在fail2ban.service中，没有把python环境的路径写上去

参考：https://github.com/fail2ban/fail2ban/issues/3843