fail2ban in Baserock is fairly easy if you already
have some knowledge about the tool.
A simple example for configuring it to ban IPs that make to many
ssh attempts; create a file
the following contents:
[DEFAULT] bantime = 3600 backend = systemd [sshd] enabled = true
Now you can enable and/or start
# systemctl enable fail2ban # systemctl start fail2ban
If you want to see if it's working for your use case, you can have a look
# tailf /var/log/fail2ban.log
You can also have a look at
/etc/fail2ban/jail.conf for more information
fail2ban and some configuration examples.
Note: For using fail2ban make sure that fail2ban and iptables are installed in the system. Currently these components are provided by connectivity.morph and fail2ba-common.morph and included by default in Trove systems (17-03-2016)