Install Fail2Ban on Gentoo Linux

Step 1 – Install

emerge --ask net-analyzer/fail2ban
rc-update add fail2ban default && rc-service fail2ban start

Step 2 – /etc/fail2ban/jail.local

[DEFAULT]
bantime  = 3600
findtime = 600
maxretry = 5
banaction = iptables-multiport
ignoreip = 127.0.0.1/8 192.168.1.0/24

[sshd]
enabled  = true
port     = ssh,2222
maxretry = 3
bantime  = 86400

[nginx-http-auth]
enabled  = true

[nginx-botsearch]
enabled  = true

Step 3 – Reload and check

systemctl reload fail2ban 2>/dev/null || rc-service fail2ban reload
fail2ban-client status
fail2ban-client status sshd

Step 4 – Ban / unban

fail2ban-client set sshd banip 1.2.3.4
fail2ban-client set sshd unbanip 1.2.3.4