Hi, The recidive jail does this , to some extent. Maybe it's already enough for what you need?
Kind regards,
Tom
On 01-06-17 07:34, Philip Warner wrote:
> I've set up a ban that runs for B time after F fails in T minutes.
>
> After each IP is un-banned, what I would like to do is, say, decrement F
> (or even halve it) for each IP that was previously banned in a given
> window. Or double B. Or both.
>
> For example:
>
> - specific IP banned for 1 hour as a result of 10 fails in 30 min.
> - then un-banned after 1 hour
>
> I would like something along the lines of:
>
> - for the next 4 hours will be banned again for one hour for *FIVE*
> fails in 30 min.
>
> or
>
> - for the next 4 hours will be banned again for *TWO* hours for *FIVE*
> fails in 30 min.
>
> etc
>
> Is this easy/possible?
>
> I imagine there would be a global 'horizon' setting, and each IP would
> have some kind of "ban severity level" incremented each time it gets
> banned again within the horizon, and decremented each time the horizon
> passes without a ban.
>
> The ban duration would/could be affected by the "ban severity level" and
> the ban threshold could be similarly affected.
>
> Does this sound useful?
>
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
