We are not able to tell if the sshd-root filter is even being invoked. It does block after three bad attempts at logging in. We are running on Fedora 22 systems. Also we have been able to get the email to work. We are new to using fail2ban. Here is our jail file:
# # WARNING: heavily refactored in 0.9.0 release. Please review and # customize settings for your setup. # # Changes: in most of the cases you should not modify this # file, but provide customizations in jail.local file, # or separate .conf files under jail.d/ directory, e.g.: # # HOW TO ACTIVATE JAILS: # # YOU SHOULD NOT MODIFY THIS FILE. # # It will probably be overwritten or improved in a distribution update. # # Provide customizations in a jail.local file or a jail.d/customisation.local. # For example to change the default bantime for all jails and to enable the # ssh-iptables jail the following (uncommented) would appear in the .local file. # See man 5 jail.conf for details. # [DEFAULT] # bantime = 3600 bantime = 259200 #banaction= firewallcmd-ipset banaction= firewallcmd-new backend = systemd maxretry = 3 #sender = [email protected] #destmail = root@localhost #action = %(action_mwl)s # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not # ban a host which matches an address in this list. Several addresses can be # defined using space separator. ignoreip = 127.0.0.1/8 10.2.2.0/255.255.255.0 # [sshd] enabled = true port = 1:65535 filter = sshd-root banttime = 604800 maxretry = 0 ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
