Hi, Le 2015-04-01 10:13, Richard Mealing a écrit : > Hi everyone, > > I was wondering if there is a way to pass fail2ban a file listing all > hosts > that I would like to be whitelisted?
To my knowledge, this is not an option of fail2ban. Although it is trivial to adapt the configuration to obtain such a feature, doing so raises issues, first of all the fact that fail2ban is not aware of any test being run in the “ban” action. So even if your IP ends up _not_ being banned, fail2ban will think it has been banned, and start the count-down. In your case, it may not be that much of an issue if your white-list is mostly growing. However, be aware that eg. if 10.11.12.13 is white-listed, and fail2bans attempts to ban it, your test will prevent the ban, but fail2ban will think it banned for the next 24 hours for example ; if you remove 10.11.12.13 from your whitelist, the IP 10.11.12.13 will still have 24 hours to freely attempt as many connections as it wishes, because fail2ban will not attempt to ban an IP that is “already banned”… As I said, maybe it’s not an issue for you. Now, if you wish to take this corner-case into account, my article below may help: http://yalis.fr/cms/index.php/post/2014/11/02/Migrate-from-DenyHosts-to-Fail2ban Yves. > Possibly 1 host per line? > > Thanks, > > Rich ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
