fail2ban doesnt permanently block

Question

Fail2ban doesn't seem to block permanently.

I have bantime =-1 but if i look a bit later on my iptables its just not there anymore all ill see is

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Why is this happening if i set it to -1, is there something else i need to configure?

I'm not familiar with fail2ban but it seems it just adds rules to iptables. It's not reboot-resistant — mveroone, Aug 27 '13 at 15:07
Yeah but i havent rebooted my computer since which is weird. — soniccool, Aug 27 '13 at 15:09

score 1 · Answer 1 · answered Aug 27 '13 at 15:04

1

Fail2ban doesn't have a feature to permanently block.

answered Aug 27 '13 at 15:04

Drew Khoury

So why does it say -1 in the config will make it permanent – soniccool Aug 27 '13 at 15:07
@soniccool That depends on the version of fail2ban. Setting a nice long expiry time - like a year - is the usual solution. Alternatively, store "permabans" in a separate file/iptables rule. – voretaq7 Aug 27 '13 at 15:52
Got it alright! I guess a year will do haha – soniccool Aug 27 '13 at 15:53
If you're happy with my solution you're able to upvote or choose this answer as being the most correct/useful one. – Drew Khoury Feb 15 '14 at 04:34

1 Answers1