Re: [Fail2ban-users] fail2ban not banning anything

Harrison Johnson Fri, 02 Oct 2015 11:44:23 -0700

This is what mine looks like:

[DEFAULT]


destemail = root

sender = root

ignoreip = 127.0.0.1/8 68.97.189.170 

bantime  = 780  ;13 minutes

findtime  = 10800       ;3 hours

action = %(action_)s

backend=systemd

[sshd]
enabled = true
backend = systemd
#logpath = %(syslog_authpriv)s
maxretry = 2

[vncserver]
enabled = true
backend = systemd
#logpath = %(syslog_user)s
port = 5800,5900
maxretry = 2

[postgresql]
enabled = true
backend = systemd
#logpath = %(syslog_user)s
port = 5432
maxretry = 2

[selinux-ssh]
#enabled = true
maxretry = 2
backend = systemd

[recidive]
enabled = true
backend = systemd
findtime = 259200   ; 3 days
maxretry = 5
action = iptables-allports[name=%(__name__)s, port="%(port)s",
protocol="%(protocol)s", chain="%(chain)s"]
         %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s",
logpath=%(logpath)s, chain="%(chain)s"]

[supermax]
enabled = true
findtime = 1123200      ; 13 days
backend = systemd
#logpath = %(syslog_user)s
maxretry = 8
port = all
protocol = all
action = iptables-life[name=%(__name__)s]
         %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s"]

[pam-root]
enabled = true
findtime  = 600 ;10 minute
bantime = 600
backend = systemd
#logpath = %(syslog_user)s
maxretry = 1
port = all
protocol = all
action = iptables-life[name=%(__name__)s]
         %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s"]
         
[pam-unknown]
#enabled = true
findtime  = 2419200     ;4 weeks
backend = systemd
logpath = %(syslog_user)s
maxretry = 3
port = all
protocol = all
action = iptables-life[name=%(__name__)s]
         %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s"]

[fail2bancluster]
enabled = true
port = 22,443,80,25,110,143,3128,11443
protocol = tcp
filter = fail2bancluster
logpath = /var/log/messages
maxretry = 1


On Fri, 2015-10-02 at 19:38 +0100, Anthony Griffiths wrote:

> I'm running centos 6 and I've just installed
> fail2ban-0.9.2-1.el6.noarch using yum. I notice straight away the
> jail.conf file looks different and I can't get fail2ban to ban
> anything. After trawling google I can't find an up-to-date working
> sample jail.local file as a reference.
> The program starts fine, it just doesn't ban anything and no fail2ban
> rules are generated in iptables. I've used previous versions of
> fail2ban many times but this new version has me stumped. Can anyone
> point me to an example of how this new jail.local file should look?
> 
> ------------------------------------------------------------------------------
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users

------------------------------------------------------------------------------

_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] fail2ban not banning anything

Reply via email to