Urban Exploration, PHP and others…

Fail2Ban on Synology DSM6

Fail2ban is a daemon that watches logfiles for errors using a regex expression. If errors are found actions are done. The most common action is blocking the source ip in firewall, or even higher using ‘ip route’.
Since there isn’t much information available regarding running fail2ban on Synology DSM 6 it took some time to get it configured.
Anyway, here we go:

Download the latest stable of fail2ban at Github.
Unpack the zip and place it somewhere on your Syno.
SSH in to your Syno and go to the path where you stored the files.
Run this command to install fail2ban:

sudo ./ install

The binaries are installed in /usr/bin, the config files in /etc/fail2ban (let’s hope that survives a DSM update).
By default all jails are disabled so you have to edit /etc/fail2ban/jail.conf to activate the jails you want to use.
Then, of course you want fail2ban started automatically at startup. I run fail2ban with a startup script that was already in place /volume1/files/ and started by a simple on start task in Syno Taskscheduler

sudo mkdir /var/run/fail2ban
sudo /usr/bin/fail2ban-client -c /etc/fail2ban start

Watch the logfile to see if everything goes as planned.