Y., Thank you very much, this helped in creating a more permanent solution. Based on your document and a tool set I already created before (pig.made-it.com/ban-ip.html) I have now expanded it into a full daemon (bash based), that maintains the database and checks for expires etc. I have run some basic tests and all seems to work well.
The daemon and client are available from: http://pig.made-it.com/ban-ip/ban-ip.0.7.tar.gz It integrates well with fail2ban (examples supplied in the tar.gz). I currently only support ipset, but extending it to support iptables shouldn't be too difficult, since everything is bash based it should in theory be possible to support every kind of firewall and run on every host that supports bash, ipset and iptables. Thank you for your extensive documentation that helped enormously! Hope my little effort helps others. With kind regards, Dennis Leeuw On 05-11-15 11:43, Y. wrote: > Hi Dennis, > > You may be interested in this article I wrote: > http://yalis.fr/cms/index.php/post/2014/11/02/Migrate-from-DenyHosts-to-Fail2ban > > > > Cheers, > > Le 2015-11-05 10:48, Dennis Leeuw a écrit : >> Hi all, >> >> Certain users get blacklisted very often, probably due to a lot of tried >> certificates. So I was looking for a way to reset the counters for a >> user (after a succesful login). I wrote a little shell script that uses >> inotify to monitor for succesful logins, and if a succesful login occurs >> I want to reset the failed counter. But it seems that everything is done >> in memory and only when the counter hits 5 fails (our current treshold) >> the ban line is written to the SQL database. >> >> I also could not find an option to use with fail2ban-client to reset the >> counters (unbanning an not yet banned IP doesn't work and using >> addignoreip/delignoreip also does not reset the counters). Is there a >> way to accomplish this? >> >> Thanks, >> >> Dennis Leeuw > ------------------------------------------------------------------------------ Go from Idea to Many App Stores Faster with Intel(R) XDK Give your users amazing mobile app experiences with Intel(R) XDK. Use one codebase in this all-in-one HTML5 development environment. Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs. http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140 _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
