Hi, [DEFAULT] directives are effective unless overriden by specific jail configuration items.
In other words, it’s enough to define maxretry variable in the [DEFAULT] section once and it will work for every jail, i.e. there is no need then to define it in every jail. However, if for any specific jail you want to setup some specific value of maxretry, you can do so! And it will have higher priority then default’s one. Maxretry for recidive and ssh sections could be different according to your needs / wants. Regards, Denis > On 23 Jun 2019, at 22:14, John Landry <[email protected]> wrote: > > Greetings, > > I could use some help understanding how different maxretry variables located > in the jail.local file interact with each other. > > Does the maxretry at the beginning of the file (under [DEFAULT]) only come > into play when maxretry isn't defined under a specific jail later in the file? > > Should the maxretry variable in the [recidive] jail be the same as or less > than the other jails such as [ssh]? Does it matter? > > Thank you, > > John > > > # A host is banned if it has generated "maxretry" during the last "findtime" > # seconds. > findtime = 600 > maxretry = 3 > # A host is banned if it has generated "maxretry" during the last "findtime" > # seconds. > findtime = 600 > maxretry = 3# A host is banned if it has generated "maxretry" during the last > "findtime"# seconds. > findtime = 600 > maxretry = 3 > > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
