github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

FAQ extended with backend parameters

master
Sergey G. Brester 2020-03-30 16:43:38 +02:00
parent 6bcbf268e6
commit 59189e4db9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
How-fail2ban-works.md

@ -11,7 +11,7 @@ Fail2Ban comes out-of-the-box ready to read many standard log files, such as tho
**[A]** There can be many reasons:
- corresponding jail for scanning the log file or systemd journal is not enabled (or idle). See [here](Proper-fail2ban-configuration) how the jail can be enabled.
- the proper path to the log files (parameter `logpath`) resp. proper journal control parameter `journalmatch` should be set for this jail.
- the proper parameter `backend` (for example `auto` for log files or `systemd` for journal), proper path to the log files (parameter `logpath`) or proper journal control parameter `journalmatch` should be set for this jail.
- the IP goes to ban if it makes at least `maxretry` failures within `findtime` seconds. So if you've configured `maxretry=5` and `findtime=10m` (default values) then it needs at least 5 failures (5 attempts) within 10 minutes to ban an IP.<br/>
Each failure (attempt) will be logged in `fail2ban.log` as:<br/>
` INFO [jail] Found 192.0.2.25`<br/>