I try to add rules for manual ban, so first i added a new jail in /etc/jail.local
enabled = true
port = all
filter = none
logpath = /etc/fail2ban/empty.log
maxretry = 1
bantime = 3600
action = %(action_)s
fail2ban-client status seems fine
|- Number of jail: 8
`- Jail list: blocklist, proftpd, ssh-ddos, apache-overflows, ssh, dovecot, apache, sasl
So heres my filter:
Here's the output:
server1:/etc/fail2ban/filter.d# fail2ban-client set blocklist banip "18.104.22.168"
Result in iptables seems empty:
Chain fail2ban-blocklist (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere
have you seen #50 ?
yeah allready did it... no effect
i try to make a workaround now to write in the emptylog with regex
echo date +"%Y/%m/%d %H:%M:%S" "A-IP" >> empty.log
somehow it ends with blocking the ip 0.0.0.20
doesn't matter what IP i add in the Log
date +"%Y/%m/%d %H:%M:%S"
ok now correcting... it works after 1 minute... somehow...
but whats the failure about the 0.0.0.20 block=
so ATM it requires the log file jail monitors to get modified to trigger an action... otherwise manual ban is working. I have retitled the issue and postponed it for milestone 0.9.0
I think this one was addressed by 2d672d1