Default Actions of Pre-Configured Jails

1.) What is the default action taken by Fail2ban against malicious IPs?

For example, within the GUI for SSHD and the other default enabled jails, I see:

2.) Does this mean that the default configuration for SSHD is not logging malicious IPs**?**

3.) If I add additional actions banactions to default configured jails will they override the defaults that have been set banaction = firewallcmd-ipset ?

NOTE: Through some command line snooping, I was able to figure out that the default action is banaction = firewallcmd-ipset (However, I suggest reflecting that default action in the GUI as it is not intuitively known or explained in documentation)

I see this at the individual jail configuration level for sshd, which defines a log path:

However, after “grepping” for a bit the log doesn’t seem to exist.

3.) Do I need to manually configure and/or define a log for each of the default enabled jails?

4.) Finally, via the GUI, how can I instruct Fail2ban to email me each time an ip is banned?

Also does a “Time to ban IP for” value of -1 still result in a permanent ban of the ip?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.