I can't talk for fedora, but on debian the jail.conf is the main
configuration file that you should not touch. Your modifications should
go to jail.local.
As for filter.d, it is a directory containing all the necessary regexes
to parse the software log files in search of offending IPs. That too
shouldn't be changed unless you have software that doesn't come with a
fail2ban filter, or if you modify the standard output format of the logs
of any software that fail2ban monitors.
In summary, your changes should go to jail.local and should be as small
as possible as Richard mentionned (only change what doesn't already come
by default).
Good luck !
Yassine.
On 8/27/20 12:32 PM, Richard Shaw wrote:
On Tue, Aug 25, 2020 at 12:12 AM Jason Long <hack3r...@yahoo.com
<mailto:hack3r...@yahoo.com>> wrote:
Thank you.
What is the role of "jail.conf" and "filter.d" ?
Under the "filter.d" directory I see something like "vsftpd.conf"
!!! Are they the instruction for Fail2ban about how to ban?
I would have to defer to others about that. My experience is limited
to maintaining the package for Fedora/EPEL and setting up a SSH jail
as that is the only port I leave open to the internet.
If I had to guess, I would think filter.d contains rules for how to
scrape log files to find failed connection attempts.
Thanks,
Richard
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
