I started seeing that fail2ban is not working properly on my debian
server, while working in other places where I'm using other distros.
I started searching and found this in the logs after putting in
debugging and restarting fail2ban:
2007-10-07 10:03:12,744 fail2ban.actions.action: DEBUG iptables -N
fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp --dport ssh,sftp -j fail2ban-ssh
2007-10-07 10:03:12,748 fail2ban.filter.datedetector: DEBUG Sorting the
template list
2007-10-07 10:03:12,752 fail2ban.actions.action: ERROR iptables -N
fail2ban-ssh
iptables -A fail2ban-ssh -j RETURN
iptables -I INPUT -p tcp --dport ssh,sftp -j fail2ban-ssh returned 200
What does the error mean? The fail2ban-ssh chain exists in iptables:
Chain fail2ban-ssh (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere
But fail2ban doesn't block when I get up to 7 fails from the same IP,
while I have it configured to ban at 3.
Any ideas?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]