Hi Timo, If you send us the output of - fail2ban-client –d That might show us the clues. It sounds like fail2ban is catching it, but not adding anything to your firewall. You might want to check it is in the firewall using something like – iptables –L | grep x.x.x.x
Thanks, Rich From: Timo Brandt - Umweltsynergien [mailto:[email protected]] Sent: 18 August 2015 10:34 To: [email protected] Subject: [Fail2ban-users] Stupid question Hi together, I've got a stupid question. Yesterday, I watched all log files on my debian 7 server with tail -f *. I've seen some logins with root from different ip's and fail2ban writes in his log " ip xxx.xxx.xxx.xxx<http://xxx.xxx.xxx.xxx> already banned. How can this be? I thought, fail2ban and iptables ban this ip so that they can't try any login? can you help me? Thx, Timo
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
