
fail2ban cannot ban IP on all ports if it's already banned for a specific port


http://serverfault.com – I'm using a custom filter in fail2ban to search through its own log and ban an IP after 5 bans from any of the regular filters. I'm using iptables-allports as the action for this. All other filters are configured with iptables-multiport.

This is the specific config in jail.conf:

    [fail2ban]
    enabled = true
    filter = fail2ban
    action = iptables-allports[name=fail2ban]
    logpath = /var/log/fail2ban.log
    maxretry = 5
    findtime = 604800
    bantime = 2592000

My filter fail2ban.conf looks like this (redundant comments removed):

    [Definition]
    # Count all bans in the logfile
    failregex = fail2ban.actions: W