permanently ban an IP with fail2ban

January 14, 2015

it’s easy to permanently ban an IP with fail2ban though it might not seem that way at first. the jail you’re configuring (often SSH) should contain lines a bit like this:

bantime = 600
findtime = 600
maxretry = 3

the trick is to put a minus sign before the bantime seconds. so if you want to ban an IP permanently you should change it to look like this:

bantime = -600
findtime = 600
maxretry = 3

then you’ll need to restart the service with

service restart fail2ban

or whatever.

tags: , , , ,
posted in linux by col

Follow comments via the RSS Feed | Leave a comment

Leave Your Comment

 
© cloudplasma 2009 - 2016