From the jail.conf for fail2ban version 0.9 # "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false
So all you need to do is add enabled=true under [ASSP] and in theory it should turn on when you reload/ restart fail2ban and it’s activation should be visible in fail2ban.log something like 2018-07-21 07:01:32,816 fail2ban.jail [1044]: INFO Jail ‘assp' started I don’t have ASSP and my jail.conf (you should create a copy jail.local to avoid overwrites and edit the latter), has /etc/fail2ban/jail.conf: logpath = /root/path/to/assp/logs/maillog.txt so you might need to find the correct log path for you distro (I’m on Ubuntu). There’s pretty comprehensive documentation in man jail.conf Something I’ve found useful is fail2ban-regex /var/log/nginx/access.log /etc/fail2ban/filter.d/nginx-botsearch.conf which gives you the option to feed a log file through a configuration and see what matches, which I found useful for debugging regex, though I have to say that I have found it very difficult to contact the developers or find where they hang to make some amendments or suggestions and the protocol appears to be to branch their version of git, make the changes and upload it and wait for comments. > On 23 Jul 2018, at 23:48, James Moe via Fail2ban-users > <[email protected]> wrote: > > opensuse 15.0 > linux 4.12.14-lp150.12.4-default x86_64 > fail2ban 0.10.3 > > I am new to fail2ban. I have a few questions. > > * Are there docs that describe how the various parts of fail2ban work > together? The actions and flow of information? > > I am interested in setting up a jail for ASSP (Anti-Spam SMTP Proxy); > there is already an entry, [assp], in the default jail.conf. However, > when I ask fail2ban-client, it claims there is no jail: > > fail2ban> get assp actions > 2018-07-23 15:29:34,541 fail2ban [18662]: ERROR NOK: ('assp',) > Sorry but the jail 'assp' does not exist > > The customization entry in jail.d/customisation.local: > [assp] > port = smtp,465,submission > logpath = /usr/local/bin/assp2/logs/maillog.txt > datepattern = %Y-%m-%d_%H:%M:%%S > > I assume I have missed something. > > * For fail2ban to work with a particular app, are all of jail.conf > entry, a filter entry, and an action entry required? > > * ASSP has a rather unique datetime format. The "datepattern" directive > exists to solve this. Where is it allowed? Is its presence required in > the jail definition, filter, and action definitions? Or just one or two? > In which blocks? Does the "%" have to be doubled in the conf files (I > have seen it both ways)? > > > -- > James Moe > moe dot james at sohnen-moe dot com > 520.743.3936 > Think. > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
