Ping a Specific Port

Question

Frank Barcenas

Asked: 2015-11-20 07:53:54 +0800 CST2015-11-20 07:53:54 +0800 CST 2015-11-20 07:53:54 +0800 CST

fail2ban BANTIME not working for SASL

772

My fail2ban bantime does not appear to be working. I still get repeated ban notifications from the same IP within 45 minutes of each other. My bantime is set to 24 hours.

[sasl]
enabled  = true
port     = smtp
filter   = sasl
action = iptables-multiport[name=sasl, port="smtp,ssmtp", protocol=tcp]
    sendmail-whois-lines[name=SASL, [email protected],[email protected], logpath=/var/log/mail.log]
    complain[logpath=/var/log/mail.log]
logpath  = /var/log/mail.log
maxretry = 3
findtime = 10800 # 3 hours
bantime  = 86400 # 24h

This is in /etc/fail2ban/jail.local

1 Answers

Voted

Frank Barcenas · Answer 1 · 2015-11-22T18:34:31+08:00

Best Answer

Frank Barcenas

2015-11-22T18:34:31+08:002015-11-22T18:34:31+08:00

Discovered fail2ban does not like in-line comments.

changed to:

# 3 hours
findtime = 10800
# 24 hrs
bantime  = 86400

and it all began to work correctly.

4

fail2ban BANTIME not working for SASL

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?