As we seem to have resolution here, just branching slightly o/t.
In iptables-ipset-proto4.conf we have:
actionban = ipset --test f2b-<name> <ip> ||
ipset --add f2b-<name> <ip>
actionunban = ipset --test f2b-<name> <ip> &&
ipset --del f2b-<name> <ip>
Would it be better to use ipset's own built-in parameters -q/-quiet
and -!/-exist to give:
actionban = ipset -exist --add f2b-<name>
<ip>
actionunban = ipset -quiet --del f2b-<name> <ip>
That way, action unban quietly fails when adding and deleting
records and there is no need to do the --test.
In a similar way actionstart should possibly have an -exist for the
case where f2b has been ended without allowing it to destroy the
set.
Regards,
Nick
On 09/04/2016 18:07, Bill Shirley
wrote:
Yes, however you must include the 'actionban':
[Definition]
.
.
actionban = ipset -exist add
fail2ban-<name> <ip> timeout <my_timeout>
[Init]
name = Ip
my_timeout = 3600
Bill
On Sat, Apr 9, 2016, at 09:41 AM, Bill Shirley wrote:
It doesn't really matter what the default timeout is if you send the value from the jail:
actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout>
[Init]
name = Ip
my_timeout = 3600
jail:
[sshd]
action = ""
[sshd-2]
action = ""
Huh. I thought I tried that^ and it didn't work. Re-examining ...
To be clear,
[Init]
name = Ip
my_timeout = 3600
goes in the ACTION, my_ipset_ip.conf
and
jail:
[sshd]
action = ""
[sshd-2]
action = ""
in the jail.local, right?
Jason
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/
gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/
gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
|
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/
gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
