I've set up a ban that runs for B time after F fails in T minutes.
After each IP is un-banned, what I would like to do is, say, decrement F (or
even halve it) for each IP that was previously banned in a given window. Or
double B. Or both.
For example:
- specific IP banned for 1 hour as a result of 10 fails in 30 min.
- then un-banned after 1 hour
I would like something along the lines of:
- for the next 4 hours will be banned again for one hour for *FIVE* fails in 30
min.
or
- for the next 4 hours will be banned again for *TWO* hours for *FIVE* fails in
30 min.
etc
Is this easy/possible?
I imagine there would be a global 'horizon' setting, and each IP would have some
kind of "ban severity level" incremented each time it gets banned again within
the horizon, and decremented each time the horizon passes without a ban.
The ban duration would/could be affected by the "ban severity level" and the ban
threshold could be similarly affected.
Does this sound useful?
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
