Yes, running the program once beats twice. Also -exist should work with del.
You don't need the double dash in front of 'add' or 'del':
actionban = ipset -exist add fail2ban-<name> <ip>,<protocol>:<port> timeout <my_timeout>
actionunban = ipset -exist del fail2ban-<name> <ip>,<protocol>:<port>

Bill

On 4/9/2016 2:19 PM, Nick Howitt wrote:
As we seem to have resolution here, just branching slightly o/t.

In iptables-ipset-proto4.conf we have:

    actionban = ipset --test f2b-<name> <ip> ||  ipset --add f2b-<name> <ip>
    actionunban = ipset --test f2b-<name> <ip> && ipset --del f2b-<name> <ip>


Would it be better to use ipset's own built-in parameters -q/-quiet and 
-!/-exist to give:

    actionban = ipset -exist --add f2b-<name> <ip>
    actionunban = ipset -quiet --del f2b-<name> <ip>


That way, action unban quietly fails when adding and deleting records and there 
is no need to do the --test.

In a similar way actionstart should possibly have an -exist for the case where f2b has been ended without allowing it to destroy the set.

Regards,
Nick

On 09/04/2016 18:07, Bill Shirley wrote:
Yes, however you must include the 'actionban':
[Definition]
.
.
actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout>

[Init]
name = Ip
my_timeout = 3600

Bill



On 4/9/2016 12:48 PM, jaso...@mail-central.com wrote:
On Sat, Apr 9, 2016, at 09:41 AM, Bill Shirley wrote:
It doesn't really matter what the default timeout is if you send the value from 
the jail:
actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout>

[Init]
name = Ip
my_timeout = 3600

jail:
[sshd]
action          = my_ipset_ip[my_timeout=86400]

[sshd-2]
action          = my_ipset_ip[my_timeout=12345]

Huh.  I thought I tried that^ and it didn't work.  Re-examining ...

To be clear,

[Init]
name = Ip
my_timeout = 3600
goes in the ACTION, my_ipset_ip.conf

and

jail:
[sshd]
action          = my_ipset_ip[my_timeout=86400]

[sshd-2]
action          = my_ipset_ip[my_timeout=12345]
in the jail.local, right?

Jason

_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
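
As an added illustration (not part of the thread and not fail2ban's own code), this simplified Python model shows how the `[Init]` defaults in the action file combine with the per-jail `my_ipset_ip[my_timeout=...]` overrides to produce the final `ipset` command. The action text is constructed from the snippets in the thread (the unban line is shortened to the IP-only form), the IP is a documentation address, and `parse_action_spec` and `render` are hypothetical helpers.

```python
# Simplified model of fail2ban's <tag> substitution (assumption: precedence is
# [Init] defaults, then jail overrides, then the per-ban <ip>).
import configparser
import re

# Constructed action file, mirroring my_ipset_ip.conf from the thread.
ACTION_CONF = """
[Definition]
actionban = ipset -exist add fail2ban-<name> <ip> timeout <my_timeout>
actionunban = ipset -exist del fail2ban-<name> <ip>

[Init]
name = Ip
my_timeout = 3600
"""

def parse_action_spec(spec):
    """Split 'my_ipset_ip[my_timeout=86400]' into (action name, overrides)."""
    m = re.fullmatch(r"\s*([\w.-]+)\s*(?:\[(.*)\])?\s*", spec)
    if not m:
        raise ValueError(f"bad action spec: {spec!r}")
    overrides = {}
    for pair in filter(None, (p.strip() for p in (m.group(2) or "").split(","))):
        key, _, value = pair.partition("=")
        overrides[key.strip()] = value.strip()
    return m.group(1), overrides

def render(command, action_spec, ip):
    """Render one command line for a jail's action spec and a banned IP."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(ACTION_CONF)
    _, overrides = parse_action_spec(action_spec)
    tags = {**cfg["Init"], **overrides, "ip": ip}

    def sub(match):
        tag = match.group(1)
        if tag not in tags:
            # An unresolved tag would otherwise reach the shell literally.
            raise KeyError(f"unresolved tag <{tag}>")
        return tags[tag]

    return re.sub(r"<(\w+)>", sub, cfg["Definition"][command])

if __name__ == "__main__":
    for spec in ("my_ipset_ip[my_timeout=86400]",   # [sshd]
                 "my_ipset_ip[my_timeout=12345]",   # [sshd-2]
                 "my_ipset_ip"):                    # no override: [Init] default
        print(render("actionban", spec, "192.0.2.10"))
```

Because `name = Ip` comes from `[Init]` and neither jail overrides it, both jails in this model write to the same set, `fail2ban-Ip`, and differ only in the per-entry timeout.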