--- Alias: ["fail2ban Telegram bot"] Tag: ["", ""] Date: 2022-03-13 DocType: "WebClipping" Hierarchy: TimeStamp: 2022-03-13 Link: https://github.com/deividgdt/fail2ban_telegram_notifications location: CollapseMetaTable: Yes --- Parent:: [[Selfhosting]], [[VPS Console Dialogue|VPS command-line]] ---   ```button name Save type command action Save current file id Save ``` ^button-fail2bantelegramnotificationsNSave   # GitHub - deividgdt/fail2ban_telegram_notifications: Sending fail2ban notifications using a Telegram bot   ## Fail2ban Telegram Notifications [![](https://camo.githubusercontent.com/aa776779f2a389bb73b23dda7927b688b14255ade756ecaeaa20de09368e0847/68747470733a2f2f64656976696473646f63732e66696c65732e776f726470726573732e636f6d2f323032302f30342f74656c656772616d5f6e6f74696669636174696f6e735f6661696c3262616e2e6a7067)](https://camo.githubusercontent.com/aa776779f2a389bb73b23dda7927b688b14255ade756ecaeaa20de09368e0847/68747470733a2f2f64656976696473646f63732e66696c65732e776f726470726573732e636f6d2f323032302f30342f74656c656772616d5f6e6f74696669636174696f6e735f6661696c3262616e2e6a7067) Sending **fail2ban** notifications using a **Telegram** bot   ---   ## Installation and configuration   - Add the following two lines, for example, to **SSHD** in the file **/etc/fail2ban/jail.conf**, make sure to tab the word **telegram**. ```ad-code ~~~bash action = iptables[name=SSH, port=22, protocol=tcp] telegram ~~~ ``` Example: [![](https://camo.githubusercontent.com/52340dc87fba895005263001d90b5334fb6d4e0b198b7cea36514a7ae4c18183/68747470733a2f2f64656976696473646f63732e66696c65732e776f726470726573732e636f6d2f323032302f30342f6661696c3262616e2d737368642d636f6e662e706e67)](https://camo.githubusercontent.com/52340dc87fba895005263001d90b5334fb6d4e0b198b7cea36514a7ae4c18183/68747470733a2f2f64656976696473646f63732e66696c65732e776f726470726573732e636f6d2f323032302f30342f6661696c3262616e2d737368642d636f6e662e706e67) - Download the file **telegram.conf** and move it to **/etc/fail2ban/action.d/** - Download the file **send_telegram_notif.sh** move it to **/etc/fail2ban/scripts/** - Modify the file **/etc/fail2ban/scripts/send_telegram_notif.sh** and add your **Token** and your **Chat ID**: ```ad-code ~~~bash telegramBotToken=YOUR_BOT_TOKEN telegramChatID=YOUR_CHAT_ID ~~~ ``` - Make the file executable ```ad-command ~~~bash chmod +x /etc/fail2ban/scripts/send\_telegram\_notif.sh ~~~ ``` - Restart the fail2ban service and enjoy! ```ad-command ~~~bash systemctl restart fail2ban ~~~ ```   ---   ## Usage   - /etc/fail2ban/scripts/send\_telegram\_notif.sh -a \[ start || stop \] || \[ -n $NAME -b $IP || -n $NAME -u $IP \]" - \-a (action) - \-n (jail name) - \-b (ban) - \-u (unban)   ---   ## telegram.conf   ```ad-code ~~~bash [Definition] actionstart = /etc/fail2ban/scripts/send_telegram_notif.sh -a start actionstop = /etc/fail2ban/scripts/send_telegram_notif.sh -a stop actioncheck = actionban = /etc/fail2ban/scripts/send_telegram_notif.sh -n -b actionunban = /etc/fail2ban/scripts/send_telegram_notif.sh -n -u [Init] init = 123 ~~~ ```   ---   ## send_telegram_notif.sh   ```ad-code ~~~python #!/bin/bash # Version 1.0 # Send Fail2ban notifications using a Telegram Bot # Add to the /etc/fail2ban/jail.conf: # [sshd] # *** # action = iptables[name=SSH, port=22, protocol=tcp] # telegram # Create a new file in /etc/fail2ban/action.d with the following information: # [Definition] # actionstart = /etc/fail2ban/scripts/send_telegram_notif.sh -a start # actionstop = /etc/fail2ban/scripts/send_telegram_notif.sh -a stop # actioncheck = # actionban = /etc/fail2ban/scripts/send_telegram_notif.sh -n -b # actionunban = /etc/fail2ban/scripts/send_telegram_notif.sh -n -u # # [Init] # init = 123 # Telegram BOT Token telegramBotToken='YOUR_BOT_TOKEN' # Telegram Chat ID telegramChatID='YOUR_CHAT_ID' function talkToBot() { message=$1 curl -s -X POST https://api.telegram.org/bot${telegramBotToken}/sendMessage -d text="${message}" -d chat_id=${telegramChatID} > /dev/null 2>&1 } if [ $# -eq 0 ]; then echo "Usage $0 -a ( start || stop ) || -b \$IP || -u \$IP" exit 1; fi while getopts "a:n:b:u:" opt; do case "$opt" in a) action=$OPTARG ;; n) jail_name=$OPTARG ;; b) ban=y ip_add_ban=$OPTARG ;; u) unban=y ip_add_unban=$OPTARG ;; \?) echo "Invalid option. -$OPTARG" exit 1 ;; esac done if [[ ! -z ${action} ]]; then case "${action}" in start) talkToBot "Fail2ban has been started" ;; stop) talkToBot "Fail2ban has been stopped" ;; *) echo "Incorrect option" exit 1; ;; esac elif [[ ${ban} == "y" ]]; then talkToBot "[${jail_name}] The IP: ${ip_add_ban} has been banned" exit 0; elif [[ ${unban} == "y" ]]; then talkToBot "[${jail_name}] The IP: ${ip_add_unban} has been unbanned" exit 0; else info fi ~~~ ```   ---   ## Buy me a coffe [![ko-fi](https://camo.githubusercontent.com/88b9e664b2a500cbdc892ab041e3fd1d7c348082650f3e5cf38da8ce3865e922/68747470733a2f2f7777772e6b6f2d66692e636f6d2f696d672f676974687562627574746f6e5f736d2e737667)](https://ko-fi.com/U7U01LTQB)