[CentOS] CentOS 6.3 - fail2ban not working properly + workaround
silvertip257 at gmail.com
Wed Oct 17 11:51:59 EDT 2012
I recall others on this list are using fail2ban to block brute force
Packages are from the EPEL repo, so I'm just sharing some knowledge here.
For about two months now I've had a CentOS 6.3 box (web host) in
production that occasionally is ftp brute forced.
Oddly enough fail2ban wasn't nabbing the perpetrators. I found that
the iptables chain for VSFTP isn't created for one.
I have finally come to find  that indicates there's a problem with
the inotify backend.
Setting backend=gamin in /etc/fail2ban/jail.conf gives me the iptables
chain I expect to find and one blocked host.
Hope this is helpful to somebody until a new version is commited to EPEL.
ok -- that point was not yet good ;) now (0.8.6-95-gc0c1232) that
branch seems to work just perfect. If I hear no complaints or do not
see problem with my instance -- I will merge it into master tomorrow,
thus closing this issue
// SilverTip257 //
More information about the CentOS