I’m installing Webmin 1.940 on a fresh Debian 10 install.
Everything works just fine except fail2ban.
First I noticed that the default config out-of-the-box is a bit wrong for postfix-sasl
port = smtp,465,submission,imap3,imaps,pop3,pop3s
has to be changed to
port = smtp,465,submission,imap,imaps,pop3,pop3s
after this the jail is working fine.
Now comes my problem:
I want to use recidive to ban recidiveurs for a looong time, on all ports, all protocols.
everything looks ok, no errors or warnings in log files, offenders are detected and banned:
fail2ban log: NOTICE [recidive] Ban xxxxxxx
fail2ban-client status recidive
Status for the jail: recidive
| |- Currently failed: 13
| |- Total failed: 13
- File list: /var/log/fail2ban.log - Actions
|- Currently banned: 13
|- Total banned: 13
`- Banned IP list: xxxxxxx
BUT ips are actually not banned.
I also noticed that
reports only f2b-postfix-sasl
but no f2b-recidive
As I’m quite new to fail2ban with firewallD, I’m probably missing an obvious config.