===== Configure fail2ban on Linux with firewalld =====


sudo cp -v /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nvim /etc/fail2ban/jail.local


bantime = 1h
findtime = 1h
maxretry = 5


sudo cp -v /etc/fail2ban/jail.d/00-firewalld.conf /etc/fail2ban/jail.d/00-firewalld.local
sudo nvim /etc/fail2ban/jail.d/sshd.local


[sshd]
enabled = true

bantime = 1d
maxretry = 3


sudo systemctl restart fail2ban.service
sudo fail2ban-client status

===== Configure fail2ban on FreeBSD with PF =====


sudo pkg install -y py311-fail2ban

Edit ''%%/usr/local/etc/fail2ban/jail.local%%''.


[DEFAULT]
bantime = 86400
findtime = 3600
maxretry = 3
banaction = pf

[sshd]
enabled = true

Enable and start fail2ban.


sudo sysrc fail2ban_enable="YES"
sudo service fail2ban start

# If not enabled already:
sudo sysrc pf_enable="YES"
sudo service pf start

Configure ''%%/etc/pf.conf%%''


table  persist

set skip on lo0

block in all
block in quick from 
...

Check and reload PF rules.


sudo pfctl -nf /etc/pf.conf
sudo pfctl -f /etc/pf.conf