Now I don't know if this is the right place to ask, but I try it.
I have a fail2ban running on my server.
And I have a whitelist called ignoreip in /etc/fail2ban/jail.conf(I is a list of IPs and masks)
I have one nice questions:
- is there a way or a plugin for fail2ban to use a database table instead of the ignoreip list?
Sure, there is a way.
Fail2ban has an
ignorecommandparameter, that you could use to check against SQL database. Here is an example using sqlite.Note: there is parameter
ignorecache, which makes it fast and minimizes load (overhead to check on every failure), but it is relative "fresh" - it was released firstly in 0.10.4 and 0.11.1.