Are the various multiplier settings documented somewhere? Examples would be very welcome too. Isn’t that what this list is for? :)
> On 30 Mar 2018, at 14:46, Tony Collins <t...@evilplan.org.uk> wrote: > > Hi! > > It's really configurable: there's a basic on/off setting, but you can also > tell it how much to increase by each time, and you can set either simple or > aggressive formulae. > > This is one of the settings for the multiplier: > > bantime.multipliers = 1 2 16 90 182 365 1000 2000 > > That shows how aggressively it will increase the bantime. In example above, > my bantime of 86400 (1 day) will ban a persistent offender for 1 day, 2 days, > 16 days etc. You can configure it in a really granular way if you manipulate > the ban time with the multiplier. > > In terms of purging, yes I'm talking about dbpurgeage. Until 0.10 or 0.11 > that setting didn't actually do anything. No function was ever written to > purge the DB. > > Now it works; it does purge after dbpurgeage. So I set my purge age to 2 > years, so that it remembers long-time bans. But that's because my multiplier > eventually bans bad IPa for a year or more. > > The purge age amount depends on what sort of ban times you set. > > If you want to discuss more specific examples, I can show you how I'm using > it. > > It's honestly improved f2b by ten times for me - the recidive jail never > quite worked for me because it was not very configurable, but now we have an > ability to generate longer and longer ban times, so Fail2Ban really feels > even more useful. > > Tony > > On Fri, 30 Mar 2018 at 11:31, Palvelin Postmaster via Fail2ban-users > <fail2ban-users@lists.sourceforge.net> wrote: > > > > On 15 Mar 2018, at 12:00, Tony Collins <t...@evilplan.org.uk> wrote: > > > > One other thing: the 0.11.x version of f2b has a ban time "multiplier", > > which is just fantastic - if the same IP keeps getting banned, f2b > > automatically increases the ban time. To do that you need a long 'purgeage' > > setting (so it can remember that an IP was banned a few months ago), and > > again once you use f2b to manage your blocks, it can just take care of > > everything - you never need to use iptables commands for unblocking, > > because f2b 0.11.x manages ban times so much more effectively and > > logically. F2b has always managed bans and unbans pretty well, but there's > > been some really excellent polish applied to recent versions. > > Is the ’multiplier’ applied automatically or is there a setting? > > I presumw by ’purgeable’ you refer the dbpurgeage setting. Where should one > ideally set it in regards to the new automatically increasing ban time? > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Fail2ban-users mailing list > Fail2ban-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fail2ban-users > -- > -- Tony Collins > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! > http://sdm.link/slashdot_______________________________________________ > Fail2ban-users mailing list > Fail2ban-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
