github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

adjusted description of bantime/findtime in README.Debian (closes: #507771)

debian-releases/squeeze
Yaroslav Halchenko 2009-01-18 11:56:20 -05:00
parent 342c40c7b0
commit de98375553
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
debian/README.Debian vendored
View File

@ -190,10 +190,21 @@ by fail2ban.
An IP is banned for "bantime" not since the last failed login attempt
from the IP, but rather since the moment when failed login was
detected by fail2ban. Thus, if fail2ban gets [re]started, any IP which
had enough of failed logins within "findtime" will be banned for
had enough of failed logins with durations less than "findtime" between
them prior to the [re]start moment, will be banned for
"bantime" since [re]start moment, not since the last failed login
time.
* Findtime:
"Findtime" option of a jail actually defines a duration to reset the
counter of failed login attempts, if no new attempt was detected within
that time frame (i.e. within "findtime").
See
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Jail_Options
for more information on jail options.
* Syslog entries can be 'forged' by a regular user