It doesn't really matter what the default timeout is if you send the value from the jail: actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout>
[Init] name = Ip my_timeout = 3600 jail: [sshd] action = my_ipset_ip[my_timeout=86400] [sshd-2] action = my_ipset_ip[my_timeout=12345] Bill On 4/8/2016 1:11 PM, [email protected] wrote:
On Fri, Apr 8, 2016, at 09:58 AM, Nick Howitt wrote:Can you set your ipset set with a default timeout? It is a supported parameter. This is only a workaround.Sure. In the current action already is for example actionstart = if ! ipset -quiet -name list f2b-<name> >/dev/null; then ipset -quiet -exist create f2b-<name> hash:ip timeout <bantime>; fi Atm I can create/clone multiple ipset actions for different bantimes, but that just seems a waste. Ideally I want to be able to reuse the same action, spec'ing the jails in .local, for example [my-jail-1] enabled = true maxretry = 3 findtime = %(oneweek)s bantime = %(onemonth)s filter = my-filter-1 action = an-ipset-action... [my-jail-2] enabled = true maxretry = 10 findtime = %(onehour)s bantime = %(oneday)s filter = my-filter-2 action = an-ipset-action... I'm having a hard time understanding why there's not a consistent approach to this. Clearly other folks have been asking the same question. If there's an answer, I didn't find it yet. Jason ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/ gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532 _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/ gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
