Fail2ban recidive with FirewallD on Debian


I’m installing Webmin 1.940 on a fresh Debian 10 install.
Everything works just fine except fail2ban.

First I noticed that the default config out-of-the-box is a bit wrong for postfix-sasl:
`port = smtp,465,submission,imap3,imaps,pop3,pop3s`
has to be changed to
`port = smtp,465,submission,imap,imaps,pop3,pop3s`
After this the jail is working fine.

Now comes my problem:
I want to use recidive to ban recidiveurs for a looong time, on all ports, all protocols.

Everything looks OK, no errors or warnings in log files, offenders are detected and banned:
fail2ban log: `NOTICE [recidive] Ban xxxxxxx`

```
fail2ban-client status recidive
Status for the jail: recidive
|- Filter
|  |- Currently failed: 13
|  |- Total failed: 13
|  `- File list: /var/log/fail2ban.log
`- Actions
   |- Currently banned: 13
   |- Total banned: 13
   `- Banned IP list: xxxxxxx
```

BUT IPs are actually not banned.
I also noticed that
`ipset list`
reports only `f2b-postfix-sasl`
but no `f2b-recidive`.

As I’m quite new to fail2ban with firewallD, I’m probably missing an obvious config. :frowning:

Any hint?


Hm… That imap3 typo was fixed months ago. I guess something went wrong in deploying that.