2 ways I can think of: The first is on my machine it takes about 2 seconds to effect a ban. The second is a rule taht allows access before the rule fail2ban added.
On Tue, 2015-08-18 at 11:34 +0200, Timo Brandt - Umweltsynergien wrote: > Hi together, > > I've got a stupid question. > Yesterday, I watched all log files on my debian 7 server with tail -f > *. > > I've seen some logins with root from different ip's and fail2ban > writes in his log " ip xxx.xxx.xxx.xxx already banned. > > How can this be? I thought, fail2ban and iptables ban this ip so that > they can't try any login? > can you help me? > Thx, > Timo > > ------------------------------------------------------------------------------ > _______________________________________________ > Fail2ban-users mailing list > Fail2ban-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
