Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

make manual ban effective immediately #53

Closed
Kapsonfire opened this Issue · 6 comments

2 participants

@Kapsonfire

I try to add rules for manual ban, so first i added a new jail in /etc/jail.local

[blocklist]
enabled  =  true
port     =  all
filter   =  none
logpath  =  /etc/fail2ban/empty.log
maxretry =  1
bantime  =  3600
action   =  %(action_)s

fail2ban-client status seems fine

|- Number of jail:      8
`- Jail list:           blocklist, proftpd, ssh-ddos, apache-overflows, ssh, dovecot, apache, sasl

So heres my filter:

[Definition]

failregex =



ignoreregex =

Here's the output:

server1:/etc/fail2ban/filter.d# fail2ban-client set blocklist banip "22.22.22.22"
22.22.22.22

Result in iptables seems empty:

Chain fail2ban-blocklist (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Any idea?

@yarikoptic
Owner

have you seen #50 ?

@Kapsonfire

yeah allready did it... no effect
i try to make a workaround now to write in the emptylog with regex
echo date +"%Y/%m/%d %H:%M:%S" "A-IP" >> empty.log
somehow it ends with blocking the ip 0.0.0.20
doesn't matter what IP i add in the Log

@Kapsonfire

ok now correcting... it works after 1 minute... somehow...
but whats the failure about the 0.0.0.20 block=

@yarikoptic
Owner
@yarikoptic
Owner

so ATM it requires the log file jail monitors to get modified to trigger an action... otherwise manual ban is working. I have retitled the issue and postponed it for milestone 0.9.0

@yarikoptic
Owner

I think this one was addressed by 2d672d1

@yarikoptic yarikoptic closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.