
Fail2ban not banning dropbear

2 votes
0 answers
86 views
I'm trying to get fail2ban working on a DietPi but no matter what I do it won't ban me. I've found quite a few threads about this but just cannot get it working, so apologies for any repetition. Thanks for any help.

**My jail.local:**
```
[DEFAULT]
enabled = true
ignoreip = 127.0.0.1/8
ignorecommand =
backend = systemd
mode = normal
filter = %(__name__)s[mode=%(mode)s]
findtime = 600
maxretry = 3
bantime = 600
banaction = iptables-multiport

[dropbear]
enabled = true
filter = dropbear

[sshd]
enabled = true
filter = sshd
```
**filter.d/dropbear.conf contains:**
```
prefregex = ^%(__prefix_line)s(?:[Ll]ogin|[Bb]ad|[Ee]xit).+$
failregex = ^[Ll]ogin attempt for nonexistent user ('.*' )?from <HOST>:\d+$
            ^[Bb]ad (PAM )?password attempt for .+ from <HOST>(:\d+)?$
            ^[Ee]xit before auth \(user '.+', \d+ fails\): Max auth tries reached - user '.+' from <HOST>:\d+\s*$
ignoreregex =
```
**Logs below:**

*sudo journalctl -u dropbear -n 10*
```
...
Nov 01 13:01:44 DietPi dropbear:  Nov 01 13:01:44 Child connection from IPADDRESS:52290
Nov 01 13:01:44 DietPi dropbear:  Nov 01 13:01:44 Failed loading /etc/dropbear/dropbear_dss_host_key
Nov 01 13:01:46 DietPi dropbear:  Nov 01 13:01:46 Bad password attempt for 'NAME' from IPADDRESS:52290
Nov 01 13:01:47 DietPi dropbear:  Nov 01 13:01:47 Bad password attempt for 'NAME' from IPADDRESS:52290
Nov 01 13:01:48 DietPi dropbear:  Nov 01 13:01:48 Bad password attempt for 'NAME' from IPADDRESS:52290
Nov 01 13:01:48 DietPi dropbear:  Nov 01 13:01:48 Exit before auth from : (user 'NAME', 3 fails): Exited normally
...
```

*sudo fail2ban-client status dropbear*
```
Status for the jail: dropbear
|- Filter
|  |- Currently failed: 0
|  |- Total failed:     0
|  `- Journal matches:
`- Actions
   |- Currently banned: 0
   |- Total banned:     0
   `- Banned IP list:
```
Asked by Argo (21 rep)
Nov 1, 2024, 01:29 PM
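
An added example, not part of the original post: it tries the three posted `failregex` lines against constructed journal lines shaped like the ones in the question. It is a simplified model and not fail2ban's own matcher: `<HOST>` is replaced by an IPv4-only pattern, and the helper names, the prefix handling and the sample address are assumptions of the example.

```python
import re

# Simplified IPv4-only stand-in for fail2ban's <HOST> tag (assumption of this example).
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# The three failregex lines of the posted filter, with <HOST> where the address belongs.
FAILREGEX = [
    r"^[Ll]ogin attempt for nonexistent user ('.*' )?from <HOST>:\d+$",
    r"^[Bb]ad (PAM )?password attempt for .+ from <HOST>(:\d+)?$",
    r"^[Ee]xit before auth \(user '.+', \d+ fails\): Max auth tries reached"
    r" - user '.+' from <HOST>:\d+\s*$",
]
COMPILED = [re.compile(p.replace("<HOST>", HOST)) for p in FAILREGEX]

# Constructed lines shaped like the posted journal output (192.0.2.10 is a
# documentation address; the address format in the last line is constructed too).
P = "Nov 01 13:01:4{0} DietPi dropbear:  Nov 01 13:01:4{0} "
SAMPLE = [
    P.format(4) + "Child connection from 192.0.2.10:52290",
    P.format(6) + "Bad password attempt for 'NAME' from 192.0.2.10:52290",
    P.format(8) + "Exit before auth from <192.0.2.10:52290>: "
                  "(user 'NAME', 3 fails): Exited normally",
]

# Hypothetical helpers: strip "date host dropbear:" and, optionally, the second
# timestamp that appears inside the message text itself.
SYSLOG_PREFIX = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ dropbear(?:\[\d+\])?:\s+")
EMBEDDED_TS = re.compile(r"^\w{3} +\d+ [\d:]{8} ")

def message(line, strip_embedded_ts):
    """Return the text the failregex is tried on in this simplified model."""
    msg = SYSLOG_PREFIX.sub("", line)
    return EMBEDDED_TS.sub("", msg) if strip_embedded_ts else msg

def match_host(msg):
    """Return the host captured by the first matching failregex, or None."""
    for rx in COMPILED:
        m = rx.search(msg)
        if m:
            return m.group("host")
    return None

def report(strip_embedded_ts):
    """Match result per sample line, with or without the embedded timestamp."""
    return [match_host(message(l, strip_embedded_ts)) for l in SAMPLE]

if __name__ == "__main__":
    for flag in (False, True):
        print("embedded timestamp stripped:", flag, "->", report(flag))
```

In this model no line matches while the second timestamp stays in the message; once it is removed only the `Bad password attempt` line yields a host, and the `Exited normally` line matches neither way. On the host itself, `fail2ban-regex` runs the real filter against the journal.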