Re: [Fail2ban-users] Issues with SSH jail on EL6

Fri, 21 Aug 2015 08:37:18 -0700 

Hi Chris,

Ignore that previous reply, I've been working with RHEL7 a lot recently :)

this is my C6 jail config for SSH - I hope it helps.

[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
#remove this line below if you do not wish to receive email upon ban.
        sendmail-whois[name=SSH, dest=root, sender=fail2ban@HOSTNAME]
logpath = /var/log/secure
maxretry = 10
findtime = 86400

Michael

On 21/08/15 16:03, Michael H wrote:
> Hi Chris,
>
> which jail is not working? the standard sshd?
>
> I ran into the same kind of issue last year, I found that the iptables
> action wasn't working, after switching to
>
> action = firewallcmd-ipset[name=SSH, port=22, protocol=tcp]
>
> everything began to work...
>
> Michael
>
> On 21/08/15 15:23, Chris Short wrote:
>> I have been having significant issues getting fail2ban to actually ban
>> hosts on RHEL 6 using the latest package from EPEL. The logs indicate
>> fail2ban is finding failures worthy of blocking but only seems to do so
>> at service start. I've tried auto and polling backends.
>>
>> Here is the current jail.local I'm working with:
>> http://pastebin.com/qZv4JN9J
>>
>> Any thoughts or guidance would be much appreciated.
>>
>> Thanks,
>>
>> Chris Short
>> http://chrisshort.net
>> Public PGP Key: http://cshort.co/pub_key
>> Keybase: http://cshort.co/keybaseio
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>>
>>
>> _______________________________________________
>> Fail2ban-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>

------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Reply via email to