That makes sense. Seems like newer actions (ipset, firewalld) are using their own bantimes, rather than relying on the jail or the default. Seems strange imho that the action should even attempt to override that.
On 01/19/2015 09:37 PM, [email protected] wrote: > apparently this is the way you have to do it in the jail.local > > action = iptables-ipset-proto6-allports[name=zimbra-recipient, > bantime=604800] > > Otherwise the action ignores the fail2ban 'bantime = X' value > > If I do that and restart you now get > > ipset -L fail2ban-zimbra-recipient > Name: fail2ban-zimbra-recipient > Type: hash:ip > Revision: 2 > Header: family inet hashsize 1024 maxelem 65536 timeout 604800 > Size in memory: 16504 > References: 1 > Members: > > Notice the timeout = 604800 > > Header: family inet hashsize 1024 maxelem 65536 timeout 604800 > > not = 600 like before > > ------------------------------------------------------------------------------ > New Year. New Location. New Benefits. New Data Center in Ashburn, VA. > GigeNET is offering a free month of service with a new server in Ashburn. > Choose from 2 high performing configs, both with 100TB of bandwidth. > Higher redundancy.Lower latency.Increased capacity.Completely compliant. > http://p.sf.net/sfu/gigenet > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
