Fail2ban ban forever?

Hi
I have notice sometime now that my mailserver have to work hard to ban IP addresses.
I have now change so it ban 2 weeks but is it possible to put them in a list that ban them forever or at least a 6 month or a year?

Hi cazz

On Security > Fail2ban, you have to check the Recidive jail is perpetual in Web interface then,

 fail2ban-client set recidive banip xxx.xxx.xxx.xxx

or for a range of IP addresses

 fail2ban-client set recidive banip xxx.xxx.xxx.xxx/24

Michel-André

1 Like

fail2ban

Well it is check but I dot not understand where I write

fail2ban-client set recidive banip xxx.xxx.xxx.xxx

Do I have to do that from SSH?

1 Like

Hi cazz,

At the server console or at the ssh connection.

Michel-André

Is it possible to run it with a wildcard?
Have now 8 ban from almost same ip address (just the last one is different)

@stephdl am i wrong telling that subnet notation can be used only on whitelist, for Fail2ban?

On holidays, so not in front a computer, but I think I never implemented a wildcard way to ban IP, or for the whitelist textarea @pike

I am quite confident on the job of fail2ban, it will ban on all next attempts, so why to bother to ban a subnet, this is the job of your firewall

Sorry buggin’ you stephdl, have nice holidays

1 Like

ok, have to look att my firewall if I going to do something about it :slight_smile:
Have a nice holiday

1 Like