#!/bin/bash
#安装fial2ban
install_fail2ban(){
	#CentOS内置源并未包含fail2ban，需要先安装epel源
	yum -y install epel-release fail2ban
	systemctl start fail2ban
	systemctl enable fail2ban
	echo '[DEFAULT]
ignoreip = 127.0.0.1/8
bantime  = 31536000
findtime = 600
maxretry = 5
banaction = firewallcmd-ipset
action = %(action_mwl)s
[sshd]
enabled = true
filter  = sshd
port    = 22
action = %(action_mwl)s
logpath = /var/log/secure' >> /etc/fail2ban/jail.local
}
#查看Fail2ban黑名单状态
check_banip(){
	fail2ban-client status sshd
}
#移除Fail2ban黑名单IP
rm_banip(){
	read -ep "请输入您要移除黑名单的IP：" unbanip
	fail2ban-client set sshd unbanip $unbanip
}
#查看日志
log(){
	tail /var/log/fail2ban.log
}
echo "#########################################################################
##                                                                     ##
##           欢迎使用Centos7 Fail2ban防止SSH爆破一键脚本！             ##
##                                                                     ##
##                                        --greekclub.net              ##
#########################################################################"
echo "1.安装Fail2ban"
echo "2.查看Fail2ban黑名单状态"
echo "3.移除Fail2ban黑名单IP"
echo "4.查看日志"
read -ep "请输入您的选择：" choice

if [ "$choice" == "1" ];then
	install_fail2ban
elif [ "$choice" == "2" ];then
	echo "正在查看Fail2ban黑名单状态..."
	check_banip
elif [ "$choice" == "3" ];then
	echo "正在移除Fail2ban黑名单IP..."
	rm_banip
elif [ "$choice" == "4" ];then
	echo "正在查看日志..."
	log
elif [ "$choice" == "" ];then
	exit 0
fi