Hmm, looking thought fail2ban.log (set to debug level INFO) and also checking fail2ban-client -d, I can’t see anything that says specifically that a local file is overriding a conf file. Your fail2ban-regex test is very precise in the file it defines, so to check fail2ban is working I suggest you break the conf file :) to check local is being loaded (I added the line junk junk junk to the definition and it certainly crashed on a restart plus confirmed in syslog that the recidive.local fails was the cause), my first rule of debugging try and work out whether the files loading.
A bit of guesswork and the following shell command fail2ban-client -dvv status 2>&1 | grep recidive | grep local should show if recidive.local is being read without changing the debug level and ending up in an infinite loop ad per the instructions in the configuration file. You may want to have a look at man fail2ban-client and fail2ban-client get dbpurgeage as possibly recidive works in an entirely different manner. Posting your modified recidive.local might help too, I’m prepared to have a play around on a VM and see if I can trigger an example Ignoreregex > On 2 Aug 2018, at 23:57, Michael Fox <[email protected]> wrote: > > Any ideas? > > Michael > > >> -----Original Message----- >> From: Michael Fox <[email protected]> >> Sent: Wednesday, August 1, 2018 7:14 PM >> To: Fail2Ban-Users Distribution List <fail2ban- >> [email protected]> >> Subject: [Fail2ban-users] recidive filter ignores ignoreregex? >> >> I'm trying to configure an ignoreregex in the recidive.local filter to >> ignore some IPs. But the ignoreregex in recidive seems to be ... ignored. >> >> When I try: >> fail2ban-regex /var/log/fail2ban.log >> /etc/fail2ban/filter.d/recidive.local >> /etc/fail2ban/filter.d/recidive.local >> >> . it appears to work correctly. Namely, failregex = 0 and ignoreregex >> shows >> all of the matches that I configured. >> >> But, when I restart fail2ban, the ignored IPs are banned by recidive >> anyway. >> >> ignoreregex works in other <filter>.local files. But I can't get it to >> work >> in recidive.local. >> >> Ideas? >> >> Thanks, >> Michael >> > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
