On 10/8/2020 2:15 PM, Patrick Shanahan wrote: > recidive > # Fail2Ban filter for repeat bans > # > # This filter monitors the fail2ban log file, and enables you to add long > # time bans for ip addresses that get banned by fail2ban multiple times. > # > # Reasons to use this: block very persistent attackers for a longer time, > # stop receiving email notifications about the same attacker over and > # over again. > # > # This jail is only useful if you set the 'findtime' and 'bantime' parameters > # in jail.conf to a higher value than the other jails. Also, this jail has its > # drawbacks, namely in that it works only with iptables, or if you use a > # different blocking mechanism for this jail versus others (e.g. hostsdeny > # for most jails, and shorewall for this one). >
This sounds good, mostly. But it's not QUITE what I was looking for. It's an improvement, for sure. But what I was hoping for was a way to do something like this: Ban #1 -> Default Time (currently set for 1 day) Ban #2 -> 1 Month Ban #3 -> 6 months Ban #4 (within 6 months) -> Permanant Anyone know of a good way to accomplish that? -- Dan Egli On my Test server
OpenPGP_0xF8A7B3F2AAB08F9D.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
