> > [DEFAULT] > bantime = 10800 > action = %(action_)s > usedns = no > mta = sendmail > backend = auto > banaction = firewallcmd-ipset > port = 0-65535 > bantime.increment = true > bantime.rndtime = 8m > [sshd] > enabled = true > maxretry = 4 > filter = sshd[mode=aggressive] > > > Some interesting commands you have there that I haven't seen. What's > bantime.increment do? I assume bantime.rndtime adds up an 8m random time > onto the ban? I like that. > > So you can also specify "port = 0-65535" and that bans all ports? > > My banlist can get quite big, so I'm trying to figure out the most > cpu/memory efficient way of doing bans.. >
Have a look at the comments in jail.conf for some descriptions and a simple implementation at https://visei.com/2020/05/incremental-banning-with-fail2ban/
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
