On Mon, 2010-08-09 at 00:38 +0000, Joseph L. Casale wrote:
> I created a filter and verified it with fail2ban-regex against
> actual lines in my log and it works. During restarts of fail2ban,
> only some previous ip's get banned immediately whereas some need a
> reoccurrence despite the jail's config specification of maxretry and
> findtime suggesting the entries mandate blocking.
>
> I'd assume the behavior after a restart is noe way if it weren't for
> the seemingly random immediate notification of blocks being different?
>
> Anyone with experience using fail2ban know anything about this?
>
> Thanks,
> jlc
---
Stop it at the Edge Router not the machine. Adding layers of security
become problems like you are getting. Ban the ip block with iptables.
John
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
