Hi Michael, Le 2014-12-11 09:49, Michael Horne a écrit : > Hi Yves, > > thank you for the fast reply this morning, > > I've used a mixture of just plain IP's (192.168.1.1 for instance) and > also IP's with CIDR. > > the documentation says that you can use either format, should I amend > all of my addresses to use the CIDR format?
Honestly, I do not know. I just know that it works for me the way I wrote it. I'm new to fail2ban myself, and discovered, while setting it up, that documentation and help are both in limited quantities :-/ Strange, given that fail2ban is rather mainstream… --Yves. (please post answers to the list ;-) ) > > thanks > > Michael > > On 11/12/14 08:45, Yves wrote: >> Le 2014-12-11 09:29, Michael Horne a écrit : >>> Hi everyone, >>> >>> This is my first visit to the mailing list. I've been configuring >>> fail2ban on our company servers, everything has been great until >>> today. >>> While setting up some new SSH login accounts I banned one of our >>> servers with failed logins. >>> >>> I have removed the ban; >>> >>> fail2ban-client set ssh-iptables unbanip 192.168.0.1 >>> >>> which takes the IP address off of the list when I run >>> >>> fail2ban-client status ssh-iptables >>> >>> Great! >>> >>> So today I added the ignoreip = a long old list of servers that I >>> don't >>> want to be banned. >> Did you use the right syntax? I'm using this feature with version >> 0.8.6 >> on Debian, and so far it has worked well. The syntax I use is: >> ignoreip = 127.0.0.1/8 192.168.1.0/24 >> Notice the masks, and the space as a separator between the different >> items. >> >> --Yves. >> >>> after restarting the service it automatically bans 192.168.0.1 again >>> even >>> though I manually removed the ban, added the IP address to the >>> ignoreip >>> option under [DEFAULTS] and just for good measure i ran >>> echo "" > /var/log/secure >>> and removed all of the additional secure logs. >>> >>> I found after some googling some information about ignoreip not >>> working >>> in a previous version (8.2?) but I am using 9.0. >>> >>> yum info fail2ban >>> Name : fail2ban >>> Arch : noarch >>> Version : 0.9 >>> Release : 9.el7 >>> Size : 0.0 >>> Repo : installed >>> From repo : epel >>> >>> any help would be much appreciated! I'm loosing hair over this one, >>> >>> thanks >>> >>> Michael ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
