You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A list of IP address (resp. a subnet mask) is totally enough for ignore purposes.
For an ignore entry as DNS (FQDN) a regexp or grep match would be possibly interesting, but in this case fail2ban have to do a reverse DNS lookup each time it founds a failure, thus it is simply more expensive.
But if you have own DNS service locally, you can simply create a zone that have several IPs and simply add this FQDN to ignore list.
Furthermore fail2ban has still another handling ignorecommand for any other purposes you may need.
See for example #2013 (comment)
when I add ip ignore list , I have found
is that ok?
I think add IP regex is better.
The text was updated successfully, but these errors were encountered: