Does jail.local file act as an override to jail.conf or as a replacement to jail.conf?
When I was learning about Fail2Ban from tutorials, most of them usually say either to copy jail.conf to jail.local and make the edits there and some of them says to create a new jail.local file and gives a bunch of settings to copy and paste. But what they don't address is how does jail.local work with jail.conf. These are the 2 scenarios:
Override: If jail.local acts as an override to jail.conf file then all I need to do is only add the necessary configs that I want to override to the default given in jail.conf. In this case I don't need to add SSH config etc.. since it is already included in jail.conf.
Replacement: If jail.conf becomes invalid when jail.local is present, then I need to add all the rules in jail.local and then edit the ones I want modified.
Can you confirm what happens to jail.conf when jail.local is present please? If jail.local acts like just an override on top of jail.conf file, then it is easier for me to just have just those few lines of rules that I want to add to it which also makes it easy for maintaining and readability. What is the best approach on this?
According to the Manual 8 0
"Every .conf file can be overridden with a file named .local. The .conf file is read first, then .local, with later settings overriding earlier ones. Thus, a .local file doesn't have to include everything in the corresponding .conf file, only those settings that you wish to override. Modifications should take place in the .local and not in the .conf. This avoids merging problem when upgrading. These files are well documented and detailed information should be available there."