[CentOS] fail2ban behavior
JohnS
jses27 at gmail.com
Mon Aug 9 13:31:16 UTC 2010
On Mon, 2010-08-09 at 00:38 +0000, Joseph L. Casale wrote:
> I created a filter and verified it with fail2ban-regex against
> actual lines in my log and it works. During restarts of fail2ban,
> only some previous ip's get banned immediately whereas some need a
> reoccurrence despite the jail's config specification of maxretry and
> findtime suggesting the entries mandate blocking.
>
> I'd assume the behavior after a restart is noe way if it weren't for
> the seemingly random immediate notification of blocks being different?
>
> Anyone with experience using fail2ban know anything about this?
>
> Thanks,
> jlc
---
Stop it at the Edge Router not the machine. Adding layers of security
become problems like you are getting. Ban the ip block with iptables.
John
More information about the CentOS
mailing list