Koozali.org: home of the SME Server

Fail2Ban and Whitelist

Offline Drifting

  • ****
  • 431
  • +0/-0
Fail2Ban and Whitelist
« on: September 16, 2020, 11:29:36 AM »
Hi
Just installed the contrib for failed to ban, seems it does not like our ISP mail server and starts banning it. Have added it to the white list, and it shows on the web console as whitelisted, yet I still get and email saying it is banned? However in the banned part of the console, none show as banned? Did I miss something out here?
Just a quick ask before I go investigating via a shell to the server.

Paul.
Infamy, Infamy, they all have it in for me!

Online ReetP

  • *
  • 3,722
  • +5/-0
Re: Fail2Ban and Whitelist
« Reply #1 on: September 16, 2020, 02:09:41 PM »
First

Code: [Select]
config show fail2ban
Next you can see what settings fail2ban uses and where using this:

Code: [Select]
cd /etc/e-smith/templates
grep -rn fail2ban *

Should show you all the templates where config entries are used.

Likely culprit is here:

Code: [Select]
etc/fail2ban/jail.conf/05IgnoreIP:29:foreach (split /[,;]/, ($fail2ban{'IgnoreIP'} || '')){
So what does you config entry say?

And lets have a look at the actual config file:

Code: [Select]
cat /etc/fail2ban/jail.conf
What's in the 'ignoreip' line?

Also, have you checked /var/log/messages and /var/log/fail2ban/daemon.log ?

Should keep you busy.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation