Fail2ban : ignore IP from network

when trying to whitelist a subnet in the form I’ll get the response

        "" ist keine IP

to add the network with the commandline works

fail2ban-client set <jail> addignoreip

1 Like

Honestly you find a bug, but I cannot blame me, I use a library use Net::IPv4Addr qw(ipv4_chkip); in that should prevent to use your network, once you expand your template if you look to /etc/fail2ban/jail.local you will see your network truncated. It misses the /24, it is not a blocking bug because the IP doesn’t exist, so I won’t fix it.

I do not want to allow a network from fail2ban, if you want to do it, then add it by the trusted network panel.

Sorry but security is my first concern…when I can :smiley:

So when I add the net as trusted network fail2ban would handle these ip’s like they are on the whitelist or as local network?

Exactly, this post should be marked as good answer (change the bug category to support), when you want to allow a whole network to fail2ban, then set the network in the trusted-network panel and the whole network will be ignored like your local network.

your topic should be changed to ‘Fail2ban : ignore IP from network’