# Linux - Internet Checker Script V1.0
# Function to check network interface
check_interface()
local INTERFACE=$(ip route | grep default | awk '{print $5}')
if [[ -n "$INTERFACE" ]]; then
echo -e "\e[32mNetwork interface ($INTERFACE) is up.\e[0m"
else
echo -e "\e[31mNo network interface found or it is down!\e[0m"
return 1
fi
}
# Function to check default gateway
check_gateway() {
local GATEWAY=$(ip route | grep default | awk '{print $3}')
if ping -c 2 "$GATEWAY" &> /dev/null; then
echo -e "\e[32mSuccessfully connected to gateway ($GATEWAY).\e[0m"
else
echo -e "\e[31mFailed to connect to the gateway ($GATEWAY).\e[0m"
return 1
fi
}
# Function to check DNS resolution
check_dns() {
if nslookup google.com &> /dev/null; then
echo -e "\e[32mDNS resolution is working.\e[0m"
else
echo -e "\e[31mDNS resolution failed!\e[0m"
return 1
fi
}
# Function to check connectivity to external servers via ping
check_ping() {
local SERVERS=("8.8.8.8" "1.1.1.1" "google.com")
for server in "${SERVERS[@]}"; do
if ping -c 2 "$server" &> /dev/null; then
echo -e "\e[32mSuccessfully pinged $server.\e[0m"
else
echo -e "\e[31mFailed to ping $server.\e[0m"
return 1
fi
done
}
# Function to check if specific ports are open
check_ports() {
local PORTS=(80 443)
for port in "${PORTS[@]}"; do
if nc -zv google.com $port &> /dev/null; then
echo -e "\e[32mPort $port is accessible.\e[0m"
else
echo -e "\e[31mPort $port is not accessible!\e[0m"
return 1
fi
done
}
# Function to check traceroute to Google DNS
check_traceroute() {
if command -v traceroute &> /dev/null; then
echo -e "\e[32mTraceroute to Google DNS (8.8.8.8) is possible:\e[0m"
traceroute -m 5 8.8.8.8
else
echo -e "\e[31mTraceroute command not available on this system.\e[0m"
fi
}
# Function to check HTTP request and handle redirects
check_http_request() {
if curl -s -o /dev/null -w "%{http_code}" https://google.com | grep -q "200\|301\|302"; then
echo -e "\e[32mHTTP request successful or redirected.\e[0m"
else
echo -e "\e[31mHTTP request failed!\e[0m"
return 1
fi
}
# Run all checks
echo "Starting detailed internet connection check..."
check_interface
check_gateway
check_dns
check_ping
check_ports
check_traceroute
check_http_request
echo "Internet connection check complete."
Tag: linux
run the following command
nano /fail2ban.sh
Copy and paste the script below.
#!/bin/bash
# Fail2Ban auto-install and setup script (no sudo)
# Step 1: Update package list and install Fail2Ban and rsyslog
apt update && apt install fail2ban rsyslog -y
# Step 2: Ensure rsyslog is running and enabled on boot
systemctl start rsyslog
systemctl enable rsyslog
# Step 3: Configure rsyslog to log auth messages
if ! grep -q "^auth,authpriv.*" /etc/rsyslog.conf; then
echo "auth,authpriv.* /var/log/auth.log" >> /etc/rsyslog.conf
echo "Configured rsyslog to log authentication messages."
fi
# Restart rsyslog to apply changes
systemctl restart rsyslog
# Step 4: Copy the default jail.conf to jail.local to prevent overwriting in updates
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# Step 5: Configure the SSH jail and other settings in jail.local
if ! grep -q "^\[DEFAULT\]" /etc/fail2ban/jail.local; then
echo -e "\n[DEFAULT]\n" >> /etc/fail2ban/jail.local
fi
# Check and set bantime if it doesn't exist
if ! grep -q "^bantime" /etc/fail2ban/jail.local; then
echo "bantime = 24h" >> /etc/fail2ban/jail.local
else
sed -i 's/^bantime.*/bantime = 24h/' /etc/fail2ban/jail.local
fi
# Check and set findtime if it doesn't exist
if ! grep -q "^findtime" /etc/fail2ban/jail.local; then
echo "findtime = 10m" >> /etc/fail2ban/jail.local
else
sed -i 's/^findtime.*/findtime = 10m/' /etc/fail2ban/jail.local
fi
# Check and set maxretry if it doesn't exist
if ! grep -q "^maxretry" /etc/fail2ban/jail.local; then
echo "maxretry = 5" >> /etc/fail2ban/jail.local
else
sed -i 's/^maxretry.*/maxretry = 5/' /etc/fail2ban/jail.local
fi
# Configure the SSH jail
if ! grep -q "^\[sshd\]" /etc/fail2ban/jail.local; then
echo -e "\n[sshd]\nenabled = true\nlogpath = /var/log/auth.log\n" >> /etc/fail2ban/jail.local
else
sed -i 's/^enabled.*/enabled = true/' /etc/fail2ban/jail.local
sed -i 's|^logpath.*|logpath = /var/log/auth.log|' /etc/fail2ban/jail.local
fi
# Step 6: Ensure SSH logging is enabled in /etc/ssh/sshd_config
# Handle LogLevel
if grep -q "^#LogLevel" /etc/ssh/sshd_config; then
sed -i 's/^#LogLevel.*/LogLevel INFO/' /etc/ssh/sshd_config
elif grep -q "^LogLevel" /etc/ssh/sshd_config; then
sed -i 's/^LogLevel.*/LogLevel INFO/' /etc/ssh/sshd_config
else
echo "LogLevel INFO" >> /etc/ssh/sshd_config
fi
# Handle SyslogFacility
if grep -q "^#SyslogFacility" /etc/ssh/sshd_config; then
sed -i 's/^#SyslogFacility.*/SyslogFacility AUTH/' /etc/ssh/sshd_config
elif grep -q "^SyslogFacility" /etc/ssh/sshd_config; then
sed -i 's/^SyslogFacility.*/SyslogFacility AUTH/' /etc/ssh/sshd_config
else
echo "SyslogFacility AUTH" >> /etc/ssh/sshd_config
fi
# Step 7: Restart SSH and Fail2Ban services to apply the changes
systemctl restart sshd
systemctl restart fail2ban
# Step 8: Enable Fail2Ban on boot
systemctl enable fail2ban
echo "Fail2Ban and rsyslog have been installed and configured successfully."
CTRL + O Then CTRL + X to Save and Close the file.
Now run the following command to sent the scripts permissions
chmod 755 /fail2ban.sh
Now we need to run the script to automatically install and setup fail2ban
./fail2ban.sh