Follow

I wonder whether I could have fail2ban watch it’s own log such that anybody that got banned three times for 10min each (the default) would get banned for an 1h or more?

@kensanata

That is certainly possible! And it should be quite easy to write that rule :)

@kensanata that’s not a bad idea. I used to have rolling 30 day reports generated every week and then manually add firewall rules to block any repeat offenders.

It reminds me of the one time we had a ton of dodgy requests coming from thousands of Chinese addresses so we simply added the entire countries address block to the firewall.

@carbontwelve Yeah, I’ve added whole blocks owned by Chinese ISPs in the past. 🤨
Perhaps I have to start looking for a better report on the fail2ban log file.

Sign in to participate in the conversation
Octodon

Octodon is a nice general purpose instance. more