Thank you, I updated to 0.11.2-3 and will see if subnet bans stick.
That may be a function of the type of IPSET list created. I know that with ipset you can blacklist subnets but if it isn't a certain list:hash type it will expand the subnet into an array of individual IP addresses.
If F2B can now handle subnets as single entries, that would be really cool. I am using a separate system (login-shield) for that very effectively.
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
