I cooked this up this weekend to make it easier to review my bans. (I can
also use "ipset list" to view the active ones.) For now I'm invoking this
daily in /etc/cron.daily.
<https://gist.github.com/SpareSimian/cc6ba11f13ccb71bbf207847e395b427>
It's clear from comparing the output to what's in the ipsets that the DB
has a lot of stale bans. Their age suggests that the DB is only pruned when
the server restarts. Why isn't it pruned more frequently?
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
