Cisco30 hi if I consult the list of IPs banned by fail2ban do I get this? and if I restart fail2ban I can see the list of unblocked IPs which does not correspond to the one we recently consulted I don’t understand why, thank you for your help
modularo4414 hi i think this is normal. in this list are the manual permanent banned ip adresses. If a ip adress blocked automaticly, you can see it behind the REGEX Tab and the List of blocked IP adresses. If you make a restart of netfilters all banned IPs will be unbanned and only the IPs in the Blacklistbox will be banned from this time.
Cisco30 I don’t block any IP manually, I prefer to let fail2ban manage all that automatically by applying my configuration, because manually blocking all attacking IPs by brute force is simply impossible. By increasing the following delay, my list updates correctly because the connection attempts are taken into account over a longer period of time. Thank you for your help and time.
modularo4414 It looks good. looekedAll IP addresses are baned for e.g. 24 hours. The time period can be found after the IP address. When the time has elapsed, the IP address is released again; you can see this information in the log. I would set the number of failed attempts from 10 to a maximum of 5