Setting `maxretry` of fail2ban filter to zero

About

Asked 16/10, 2017 at 18:1 Answered 23/9, 2024 at 18:44

Is it possible to set the maxretry parameter of a fail2ban filter to 0 so that every IP will be banned instantly? The client does not complain about this setting but it does not seem to ban IPs either. So I just wanted to ask whether this actually works.

Inexpressive answered 16/10, 2017 at 18:1 Comment(3)

No, I want to ban someone who already got banned before because of attempted exploitation - But then instantly and for a longer time. – Inexpressive 16/10, 2017 at 18:29

For that, you should set a permanent iptable rule on his/her IP if it is ifxed – Colophon 24/10, 2017 at 14:15

I think it's a good question. After all, the name of the parameter is "maxretry", not "maxtry". For me it sounds reasonable that the first try is the zeroth retry. – Kegan 26/10, 2021 at 13:40

If you define maxretry with 1, after first attempt fail2ban ban the ip instantly. Before of first attempt is impossible(logical)

Fr answered 24/5, 2019 at 1:48 Comment(1)

In my understanding, the word maxretry suggest that it's a try after a try, thus a retry, meaning, maxretry = 0 should and will work, banning someone/something right after his/its first try. – Garwin 26/11, 2023 at 18:25

That's true. But banned once, the next attempt also can be banned, if the attempt is within the time

Remote answered 23/9, 2024 at 18:44 Comment(1)

As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center. – Nadianadine 25/9, 2024 at 16:50

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags