Thanks for the info!
Maybe a random of drop reject would be a good default.
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/10/2018 04:56 PM, Philip James Clarke via Fail2ban-users wrote:
No fail2ban keeps a database as the logs change, located
in/usr/lib/python3/dist-pack
I found what is causing the problem, now I've got to decide what I'm going to
do about it.
https://github.com/fail2ban/fail2ban/issues/231
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/10/2018 11:59 AM, Tony Collins wrote:
The "missed" amount is the number of log entries
I wish fail2ban had better documentation on "backend =".
Do any of the default "%(jail_backend)s" ever work?
What settings do y'all use for "backend ="?
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
--
And is there an easy way to know what the "%(jail_something)s" points to?
like as in echo $jail_something
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/11/2018 12:18 PM, Wayne Sallee wrote:
I wish fail2ban had better documentation on "backend =".
Do any of the default "
I have backend = pyinotify installed with Ubuntu which apparently is first
choice on the auto list. I’m a little confused about your later comment (below)
> And is there an easy way to know what the "%(jail_something)s" points to?
where are you looking?
Something I’ve found useful for checking
The "%(jail_something)s" I'm referring to is in the settings found in
/etc/fail2ban/jail.conf
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/11/2018 12:55 PM, Philip James Clarke via Fail2ban-users wrote:
I’m a little confused about your later comment (below)
And is the
do you mean this?
# "filter" defines the filter to use by the jail.
# By default jails have names matching their filter name
#
filter = %(__name__)s
or the big action section or log paths?
> On 11 Aug 2018, at 19:33, Wayne Sallee wrote:
>
> The "%(jail_something)s" I'm referring to is in th
No. Like this:
[sshd]
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/11/2018 02:53 PM, Philip James Clarke via Fail2ban-users wrote:
do you mean this?
# "filter" defines the filter to use by the jail.
# By
I don’t know about an “easy way” I just do this
# grep sshd_log `find /etc/fail2ban -type f`
/etc/fail2ban/paths-common.conf:sshd_log = %(syslog_authpriv)s
/etc/fail2ban/jail.conf:logpath = %(sshd_log)s
/etc/fail2ban/jail.conf:logpath = %(sshd_log)s
and follow the path until I find the answer
>
My mistake fail2bans database is /var/lib/fail2ban/fail2ban.sqlite3 on ubuntu
and mine is about 2.9 Mbytes, still not big by any stretch and quite
interesting to read through (I’m using the sqlite3 command line) very primitive
interface compared to mysql but there’s a table “logs” storing the de
* Philip James Clarke via Fail2ban-users
[08-11-18 20:42]:
> My mistake fail2bans database is /var/lib/fail2ban/fail2ban.sqlite3 on
> ubuntu and mine is about 2.9 Mbytes, still not big by any stretch and
> quite interesting to read through (I’m using the sqlite3 command line)
> very primitive int
> On 12 Aug 2018, at 01:45, Patrick Shanahan wrote:
>
> * Philip James Clarke via Fail2ban-users
> [08-11-18 20:42]:
>> My mistake fail2bans database is /var/lib/fail2ban/fail2ban.sqlite3 on
>> ubuntu and mine is about 2.9 Mbytes, still not big by any stretch and
>> quite interesting to read
12 matches
Mail list logo