Or easier for #2: 1:root@elmo dns]$ cat /etc/redhat-release Fedora release 22 (Twenty Two) [1:root@elmo dns]$ ls /var/lib/fail2ban/ fail2ban.sqlite3
Rename that puppy. Bill On 2/12/2016 6:15 PM, Bill Shirley wrote: > In response to Charles: > For #2, after you empty actionunban, write a script to iterate thru your > ipset and for each IP issue: > fail2ban-client set <JAIL> unbanip <IP> > now fail2ban forgets about them and since actionunban is empty they're still > in the ipset. No duplicate data. > > For #3, some admins don't save on shutdown nor restore on boot their ipset. > I don't. I just let > the system build it from scratch. > > For Tom and all: > I too use Shorewall. I actually create my ipsets with a timeout: > ipset -exist create fail2ban-Ip hash:ip timeout 86400 > > # > ------------------------------------------------------------------------------ > my action: > [INCLUDES] > > before = iptables-blocktype.conf > > > [Definition] > # start, stop, et. al. handled by Shorewall > actioncheck = > actionstart = > actionstop = > actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout> > #actionunban = ipset -exist del fail2ban-<name> <ip> > actionunban = > > [Init] > name = Ip > my_timeout = 3600 > > > # > ------------------------------------------------------------------------------ > my jail: > [ProFTP] > #enabled = false > enabled = true > filter = proftpd > action = my_ipset_ip[my_timeout=86400] > logpath = /var/log/proftpd/system.log > maxretry = 3 > findtime = 7200 > bantime = 60 > > Note: an ipset timeout value of zero IS a permanent ban (man ipset). Change > <my_timeout> as needed in > each jail. > > Bill > ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
