Re: [Fail2ban-users] maxretry maxfailures What's the deal ??

Thu, 29 Aug 2019 12:29:43 -0700 


-------- Original Message --------
*Subject: *  Re: [Fail2ban-users] maxretry maxfailures What's the deal ??
*From: *     Dominic Raferd <domi...@timedicer.co.uk>
*To: *         Fail2ban-users Distribution List 
<fail2ban-users@lists.sourceforge.net>
*CC: *
*Date: *      2019-8-28  12:29 PM



On Wed, 28 Aug 2019 at 16:32, Mike <t...@rohms.com <mailto:t...@rohms.com>> 
wrote:

    At 07:25 AM 8/28/2019, Wayne Sallee wrote:
    >-------- Original Message --------
    >*Subject:Â *Â Â Re: [Fail2ban-users] maxretry maxfailures What's the deal 
??
    >*From:Â *Â Â Â Â Â Dominic Raferd <domi...@timedicer.co.uk 
<mailto:domi...@timedicer.co.uk>>
    >*To:Â *Â Â Â Â Â Â Â Â Â Fail2ban-users
    >Distribution List <fail2ban-users@lists.sourceforge.net 
<mailto:fail2ban-users@lists.sourceforge.net>>
    >*CC:Â *
    >*Date:Â *Â Â Â Â Â Â 2019-8-28Â Â 07:50Â AM
    >>man jail.conf
    >
    >Yes, if you read my first post in this thread,
    >you will see that I quoted the manual.
    >
    >So since you will not give a strait answer, I am
    >going to assume that fail2ban used "maxretry"
    >originally, then on 2005/09/08 fail2ban changed
    >it to "maxfailures", then at a later time
    >fail2ban changed it back to "maxretry".
    >
    >Thanks for not answering my simple question.

    How difficult is it to help people?  If the
    answer is in the manual, great, let us know, but
    in the time it takes to look that up, you can
    also answer the question rather than state the obvious that there's a 
manpage.

    Is there anybody here actually on the dev team?


My thinking was: 'Give a man a fish, and you feed him for a day. Teach a man to 
fish, and you feed him for a lifetime.'


So, to spell it out: the man (or info) pages on a given Linux machine should provide canonical information for the 
version of the same software on that same machine - that is what they are there for. In general, not just for fail2ban.



For those who would rather be given the fish: the correct setting to use is maxretry - as stated in 'man jail.conf'. 
The contrary suggestion (maxfailures) is found in a changelog entry for fail2ban ver. 0.5.3 (2005/09/08) beta (14 
years ago!) - I presume that this never made it into a final release. It is also possible that maxfailures works just 
like maxretry (I haven't tested it) but even if it does I would not advise using it - no one else does and it is 
undocumented for all recent versions of fail2ban (and probably for all official releases ever). On my machine, 
counting the number of times the respective words occur in /etc/fail2ban (which mostly consists of the default files 
for debian/ubuntu installation for fail2ban v0.10.2) shows:

# grep -r maxretry /etc/fail2ban|wc -l
36
# grep -r maxfailures /etc/fail2ban|wc -l
0




Thanks for your reply. I will use maxretry.

A google search for "fail2ban" "maxfailures" shows 1,100 results. So a lot of people have 
been using "maxfailures".
And the top search result is https://linux.die.net/man/8/fail2ban

So it's good to get an official answer on the fail2ban list.

Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com



_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users






















					Reply via email to