Try using an empty actionunban in your action and set the bantime = 60 in your jail. This way fail2ban thinks it's unbanning after a minute. fail2ban shutdown should be quick.
Bill On 2/11/2016 5:15 AM, Charles Bradshaw wrote: > Hello list, > > I am running fail2ban.noarch 0.9.3-1.el6.1 as installed from the CentOS > repository. > > I have one ipset jail which over time has accumulated more than 17000 > permanent bans. This is causing a severe problem during restarts. > (obviously!) > > First it would take many hours to shut down fail2ban gracefully the > solution is to force a power down. This leaves the ipset intact. > > Next when the fail2ban server restarts it takes a similar many hours for > the server to redundantly restore the bans from the database to the > already intact ipset. > > This a ridiculous process! The whole purpose of ipsets is to efficiently > hold vast numbers of blocked IPs. > > The most importantly problem here is fail2ban is preventing fast clean > shutdowns. Understand 17000 bans is nothing! an ipset can efficiently > hold > 65K, under which circumstances the shutdown and restart delays > would extend to weeks!! The startup delay is not a severe problem except > that 17000 emails and all the disk activity is a total pain in the ass. > > So the question is: how to turn off fail2ban gracefully without these > ridiculous delays. > > Also note when fail2ban shuts down the ipset entries in iptables do not > get deleted, but that's another story. > > Thanks in advance, Charles Bradshaw > > > > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
