Fail2ban ban forever?

cazz · June 9, 2019, 12:08pm

Hi
I have notice sometime now that my mailserver have to work hard to ban IP addresses.
I have now change so it ban 2 weeks but is it possible to put them in a list that ban them forever or at least a 6 month or a year?

michelandre · June 9, 2019, 12:39pm

Hi cazz

On Security > Fail2ban, you have to check the Recidive jail is perpetual in Web interface then,

 fail2ban-client set recidive banip xxx.xxx.xxx.xxx

or for a range of IP addresses

 fail2ban-client set recidive banip xxx.xxx.xxx.xxx/24

Michel-André

cazz · June 9, 2019, 1:47pm

fail2ban

Well it is check but I dot not understand where I write

fail2ban-client set recidive banip xxx.xxx.xxx.xxx

Do I have to do that from SSH?

michelandre · June 9, 2019, 7:12pm

Hi cazz,

At the server console or at the ssh connection.

Michel-André

cazz · July 9, 2019, 9:21am

Is it possible to run it with a wildcard?
Have now 8 ban from almost same ip address (just the last one is different)

pike · July 9, 2019, 9:35am

@stephdl am i wrong telling that subnet notation can be used only on whitelist, for Fail2ban?

stephdl · July 9, 2019, 11:13am

On holidays, so not in front a computer, but I think I never implemented a wildcard way to ban IP, or for the whitelist textarea @pike

I am quite confident on the job of fail2ban, it will ban on all next attempts, so why to bother to ban a subnet, this is the job of your firewall

pike · July 9, 2019, 12:45pm

Sorry buggin’ you stephdl, have nice holidays

cazz · July 9, 2019, 7:06pm

ok, have to look att my firewall if I going to do something about it
Have a nice holiday