Would you mind to do some QA testing
Basically install nethserver-fail2ban from testing
yum install nethserver-fail2ban --enablerepo=nethserver-testing
then try to auto ban yourself from AMI or wait that other do it for you
Thank in advance
Will do tonight. Thanks!
Everything up and running. Now harvasting attempts.
as per previous message, I installed the testing update. However I still get emails from fail2ban of 100+ or 200+ attempts:
The IP 18.104.22.168 has just been banned by Fail2Ban after
283 attempts against asterisk.
Here is more information about 22.214.171.124
fail2ban-regex /var/log/asterisk/full /etc/fail2ban/filter.d/asterisk.conf --print-all-missed
shows no attempts (just normal asterisk log entries)
Would it be possible that the mails be about ‘cached’ banned IP’s or something like that?
I wonder if I miss a jail?
check the maxretry set for this jail, after that the
--print-all-matched could be interested also, we could known what was caught
verified and released as update