Differences

This shows you the differences between two versions of the page.

--- linux:ubuntu:fail2ban [2018/11/27 09:28] – [Configuration] lunetikk
+++ linux:ubuntu:fail2ban [2019/10/29 10:44] – lunetikk
@@ Line 31: / Line 31: @@
 port     = 22
 filter   = sshd
+#action   = iptables[name=SSH, port=2022, protocol=tcp]
+#           sendmail-whois-lines[name=SSH, dest="[email protected],[email protected]", [email protected], sendername="Fail2Ban", logpath=/var/log/auth.log]
 logpath  = /var/log/auth.log
 maxretry = 3
@@ Line 65: / Line 67: @@
 logpath  = /var/log/fail2ban*
 maxretry = 3
+#findtime is 365 days
 findtime = 31536000
 bantime  = -1
 </code>
+===== Abusemails =====
+Click the following link for more info about abuse automatisation\\
+[[linux:ubuntu:blocklist|Blocklist]]
 ===== Commands =====
@@ Line 92: / Line 100: @@
 Get a list of commands
 <code>fail2ban-client --help</code>
+===== Troubleshooting =====
+==== IP gets banned everytime ====
+An IP listed in "ignoreip" still gets banned everytime you reload/restart/start your Fail2ban service.\\
+__Reason:__ \\
+The IP was banned before you added it to "ignoreip"  \\
+__Fix:__ \\
+The IP is added to the file "ip.blocklist.repeatoffender". \\
+Open the file and remove the IP.

Lunetikk's IT Wiki