New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fail2ban not releasing ban after expiration #34
Comments
Likely related to #23 (comment) where I experience similar behavior in a different context, I'm getting banned no matter what my |
I agree that the ban should be lifted when bantime has passed so something is wrong, but isn't the nature of Fail2ban that a specific ip is blocked regardless of url it tries to access? My understanding is that a firewall (iptables and similar) is used and thereby blocking the ip specifically? |
Hello ! When a ip is banned, it is banned on all the domain that are registered with fail2ban so trying to access localhost:8000/one or localhost:8000/two after being banned will only reset the banning time. We are going to make 2 releases in the upcoming weeks :
Thoses releases will help to at least debug your problem and if the problem lie in regexp it could be resolved like that ! |
Looking forward to your updates. Met me know if you need any debug information. |
Hello, We released two new versions of fail2ban : 0.6.1 & 0.6.2. Clement |
How would this config look in my .toml file? |
Ok. Updated now but situation is still the same: fail2ban basically just banning when I access my site for no specific reason. 🤷🏼♂️ |
Can you produce a reproducible case ?
Is not enough for me do to do something about it. |
middlewares.toml
Activation:
Debug log:
|
|
Does that mean that the implementation of the fail2ban module is to ban all ip's not whitelisted? Because that is not what I expected based on my experience with it's namesake program. |
Here's the doc on how regexp works. Feel free to open a pr that could enhance either the doc or the regexp (and the plugin) behaviour. I will close this issue as it seems that you are asking us to build your configuration. But don't hesitate to ask your issue about it on the Traefik community forum. |
I seem to have an issue where fail2ban reactives a previous ban on an ip when the same ip tries to access the site after ban expires.
Environment:
static config:
service config:
- "traefik.http.routers.authelia-rtr.middlewares=my-fail2ban@file,chain-no-auth@file"
Traefik log after restart:
Triggering ban:
Then waiting until bantime expires:
When accessing Authelia after bantime expires (line 1) fail2ban correctly notifies that ip is back in whitelist mode. However, a new request (line 2) puts the client back in fail2ban mode. This does not seem right and I wonder where I have blundered in my setup?
The text was updated successfully, but these errors were encountered: