Discussion:
[Fail2ban-users] Recidive jail not banning
Jessica Lynne Sheatler
2016-12-07 14:54:56 UTC
Permalink
OS: CentOS 7

This is my first time installing and configuring fail2ban. The jail sshd (my initial and only other jail) functions correctly and sends out email notifications but recidive does not. I am trying to configure the jail so that if sshd bans an ip address 2 times within 1 day, that ip address is then banned for a week. I've tried to include as much relevant info as possible below.

-----------------------
jail.local

#Fail2Ban Jail Configuration

[DEFAULT]
bantime = 1800
findtime = 1800
backend = systemd
destemail = ***@outlook.com<mailto:***@outlook.com>
sender = ***@li617-130.members.linode.com<mailto:***@li617-130.members.linode.com>
action = %(action_mwl)s

[sshd]
enabled = true

[recidive]
enabled = true
logpath = /var/log/fail2ban.log
banaction = %(banaction_allports)s
bantime = 604800
findtime = 86400
maxretry = 2
----------------------------
Relevant lines from fail2ban.local

loglevel = INFO
logtarget = /var/log/fail2ban.log
dbpurgeage = 648000
----------------------------

Each jail also has a .local file in /etc/fail2ban/jail.d

If anyone could help me with this, it would be greatly appreciated.

Thanks,
Jessica
Nuno Dias
2016-12-09 11:11:50 UTC
Permalink
Hi Jessica,

I have the same problem with the same OS, I ask the same question
before to this list without any solution, so at this point it seems
it's a bug!

Cheers,
Nuno
Post by Jessica Lynne Sheatler
OS: CentOS 7
 
This is my first time installing and configuring fail2ban. The jail
sshd (my initial and only other jail) functions correctly and sends
out email notifications but recidive does not. I am trying to
configure the jail so that if sshd bans an ip address 2 times within
1 day, that ip address is then banned for a week. I’ve tried to
include as much relevant info as possible below.
 
-----------------------
jail.local
 
#Fail2Ban Jail Configuration
 
[DEFAULT]
bantime = 1800
findtime = 1800
backend = systemd
action = %(action_mwl)s
 
[sshd]
enabled = true
 
[recidive]
enabled = true
logpath = /var/log/fail2ban.log
banaction = %(banaction_allports)s
bantime = 604800
findtime = 86400
maxretry = 2
----------------------------
Relevant lines from fail2ban.local
 
loglevel = INFO
logtarget = /var/log/fail2ban.log
dbpurgeage = 648000
----------------------------
 
Each jail also has a .local file in /etc/fail2ban/jail.d
 
If anyone could help me with this, it would be greatly appreciated.
 
Thanks,
Jessica
-------------------------------------------------------------------
-----------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/xeonphi
_______________________________________________
Fail2ban-users mailing list
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
--
Nuno Dias <***@lip.pt>
LIP
Loading...