I created a filter and verified it with fail2ban-regex against actual lines in my log, and it works. During restarts of fail2ban, only some previous IPs get banned immediately, whereas some need a reoccurrence despite the jail's config specification of maxretry and findtime suggesting the entries mandate blocking.
I'd assume the behavior after a restart is one way if it weren't for the seemingly random immediate notification of blocks being different?
Anyone with experience using fail2ban know anything about this?
Thanks, jlc