If you have wondered what would be handy way to keep eye on your fail2ban, so here is one for you.
1. Setup your Telegram Bot
Go to the Telegram app on your device complete next 3 steps:
1.1 Find telegram bot named “@botfarther”, it helps you with creating and managing your bot.
1.2. To see all possible commands that BotFather can operate type:
/help
1.3. To create a new bot type:
/newbot
Source and an alternative guide:
https://www.siteguarding.com/en/how-to-get-telegram-bot-api-token
2. Get the chat ID by using your bot token
2.1 Copy the bot token from the Botfather’s message and replace {TELEGRAMBOTTOKEN} part of the address bar with it:
https://api.telegram.org/bot{TELEGRAMBOTTOKEN}/getUpdates
2.2 Copy the just edited URL to your web browser’s address field and press enter and you will see your bots chat ID on the web page.
3. Install and configure the notification gateway
3.1 Add the following line to the files /etc/fail2ban/jail.conf and /etc/fail2ban/jail.local in the end of actions:
telegram
Remember to use Tab to indent the word telegram. The actions should look like this afterwords:
#
# ACTIONS
#
banaction = iptables-multiport
protocol = tcp
chain = INPUT
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
sendmail-whois-lines[name=%(__name__)s, dest=my.name@myemail.com, sender=ncp-fail2ban@ownyourbits.com]
action = %(action_)s
telegram
3.2 Go to the site:
3.3 Download the file telegram.conf and move it to:
/etc/fail2ban/action.d/
3.4 Download the file send_telegram_notif.sh move it to:
/etc/fail2ban/scripts/
3.5 Modify the file /etc/fail2ban/scripts/send_telegram_notif.sh to add your Token and your Chat ID:
telegramBotToken=**YOUR_BOT_TOKEN**
telegramChatID=**YOUR_CHAT_ID**
3.6 To modify your python script’s permissions and make it executable:
sudo chmod o+x /etc/fail2ban/scripts/send_telegram_notif.sh
3.7 Restart the service to make the changes take effect:
sudo systemctl restart fail2ban