I found what is causing the problem, now I've got to decide what I'm going to
do about it.
https://github.com/fail2ban/fail2ban/issues/231
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
On 08/10/2018 11:59 AM, Tony Collins wrote:
The "missed" amount is the number of log entries that didn't get dealt with either under a "fail" rule or an "ignore"
rule.
The best thing to do is, paste in your jail.local file, as well as your jail filter .conf files. And then also include
some of your fail2ban.log entries
There could be loads of reasons why it isn't banning, and it's only possible to
diagnose it with a bit more info.
It's easy to include more than one log file in a jail. Here's an excerpt from
my jail.local:
[plesk]
enabled=false
action=%(ipset-action)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s",
chain="%(chain)s"]
%(mta)s-whois-lines-logsonly[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s",
logpath=/var/log/php_errors.log;/var/log/old-logs/php_errors/php_errors.log.1;/var/log/plesk/httpsd_access_log;/var/log/plesk/httpsd_access_log.processed;/var/log/plesk/httpsd_access_log.processed.1,
chain="%(chain)s"]
logpath=/var/log/php_errors.log
/var/log/old-logs/php_errors/php_errors.log.1
/var/log/plesk/httpsd_access_log
/var/log/plesk/httpsd_access_log.processed
/var/log/plesk/httpsd_access_log.processed.1
Note the two different ways of adding more than one log file - either separated with a semi-colon ---> ; <--- or,
separated with a newline.
Tony Collins
Tony Collins
RMT Tier 1 Health & Safety Representative
Edgware Road Traincrew Depot
07949 228324
On 10 August 2018 at 16:01, Wayne Sallee <wa...@waynesallee.com
<mailto:wa...@waynesallee.com>> wrote:
Fial2Ban is doing nothing but sending me e-mails when I restart fail to
ban. So at least that part works. :-)
But it's not banning.
Error statements are almost useless.
Trying to run test commands or status commands gives me info that does not
help.
What's the best way to test a jail?
What is the proper way to include more than one log file in a jail?
How can I tell if the jail is using all listed log files?
What does "2580 missed" mean?
Wayne Sallee
wa...@waynesallee.com
http://www.WayneSallee.com
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
<mailto:Fail2ban-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
<https://lists.sourceforge.net/lists/listinfo/fail2ban-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
