Hi, You are thinking to close by ban people out.
I, for myself runing a jail named "info-apache" which triggers on access to the file "robots.txt". action isn't to ban out these ip's, there f2b only sending a mail using some greped infos from the log. So i can see which bots, how often take access to my server.
f2b take a action, but these action isn't a ban out via firewall in every case.
Best regards Peter Am 13.07.2021 um 01:33 schrieb James Moe via Fail2ban-users:
fail2ban v1.0.1.1 opensuse tumbleweed, linux v5.13.0 Messages as shown below occasionally are in the log. It does not make much sense. If the IP is banned, how can it be detected in the target log? 2021-07-11 16:15:31,136 fail2ban.filter [10710]: INFO [suricata-1] Found 65.205.231.167 - 2021-07-11 16:15:31 2021-07-11 16:15:31,357 fail2ban.actions [10710]: WARNING [suricata-1] 65.205.231.167 already banned
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
