What version of Fail2Ban? ( $ fail2ban-server -V ) What happens when you grep from the command line?
grep '111.222.111.222' /var/log/apache2/access.log Change the IP of course and see what the above returns to you. The grep being run in the mail-whois-lines.conf of v0.8.11 does this: "`grep '\<<ip>\>' <logpath>`\n\n"The grep being run in the mail-whois-lines.conf of v0.9.3 does it differently.
`grep -E <grepopts> '(^|[^0-9])<ip>([^0-9]|$)' <logpath>`\n\n Have you checked your Fail2ban.log for any warning or messages? Are your apache and nginx logs in a standard format? On 2016/07/22 11:10 PM, Sabine Engelhardt wrote:
Hi, as I did not get any reaction in #fail2ban on Freenode, I try it here: I'm using fail2ban on a server running Debian Jessie. As configured it sends me an email each time it bans an IP address. But in that mail the part „Lines containing IP:<ip> in <logpath>“ is only followed by 3 empty lines and then „Regards“; the actual loglines are missing, although the IP gets banned. So I guess it might be a problem with the grep command in mail-whois-lines.conf? It works with mail.log, just not with access.log (nginx or apache2). Google or the fail2ban wiki were not helpful. Greetings Frosch ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.http://sdm.link/zohodev2dev _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.http://sdm.link/zohodev2dev
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
