乌班图20.04。尝试为 SSH 配置fail2ban,但fail2ban 未禁止任何 IP
/etc/fail2ban/jail.local
[DEFAULT]
bantime = 10m
ignoreip = 127.0.0.1/8 ##.##.##.##/32 ##.##.##.##/32
findtime = 30m
maxretry = 3
[sshd]
enabled = true
# modes: normal (default), ddos, extra or aggressive (combines all).
#mode = normal
port = ssh,2233
logpath = %(sshd_log)s
backend = %(sshd_backend)s
来自不在ignoreip上的主机进行了20多次错误尝试,但仍然看到这个
fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 0
|- …