Automatic bantime #71

Yajo opened this Issue Aug 7, 2012 · 11 comments


None yet

7 participants

Yajo commented Aug 7, 2012

IMHO Fail2ban should have an option to enable automatic bantime, which increases each time an IP gets blocked. Other ways, an attacker could get to guess how many tries he can do in a given time and exploit your services without reaching that limit.

See for more info.


indeed would be a good feature to have -- any takers? ;-)


That'll be really nice feature!


I like the idea of iptables recent module..

Have the bantime start when the packets stop.

takeda commented May 2, 2013

There is a filter called recidive. You simply set it to monitor fail2ban log and use it to set permanent bans for repeated offenders.

It's not exactly what you want but pretty much accomplishes the same goal and you can already use it without waiting for this functionality to be added to fail2ban.


Another vote for an option to increase ban time exponentially where the exponent is some factor >= 1.0. I suppose I could write this myself, if I understood your protocol for accepting patches.


well -- #716 is WIP for that.. but it is a bit "messy" since also has #824 in it... let me see if may be I would just finally merge 824 in ;)


Thanks, you just saved me a lot of duplication of effort. I'll be patient.


Well, I would encourage you @johnwbyrd to look through #716 and express your opinion even on specifications of the incremental bans... I still feel that that aiming at max flexibility they are a bit cumbersome but I could be convinced just to be biased ;)

sebres commented Oct 23, 2014
but it is a bit "messy"

just a little bit :)
it Is my major branch, once not paying attention - and merged, but #824 concerns other files, therefore can be easy distinguished from ban-time-incr.

sebres commented Nov 22, 2014

since #824 merged in master, #716 is "clean" again.

sebres commented Mar 13, 2017

implemented in #1460

@sebres sebres closed this Mar 13, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment