.conf files are distributed by Fail2Ban. It is recommended that .conf files should remain unchanged to ease upgrades. If needed, customizations
should be provided in *.local files. For example, if you would like to enable the [ssh-iptables-ipset] jail specified in jail.conf, create jail.local containing
[ssh-iptables-ipset]
enabled = true
In .local files specify only the settings you would like to change and the rest of the configuration will then come from the corresponding .conf file
which is parsed first.
The example given in the manpage does not work with this role.
To fix this, all attributes must be optional, because they could already be given in jail.conf.
Hi, according to
man jail.conf
:The example given in the manpage does not work with this role.
To fix this, all attributes must be optional, because they could already be given in
jail.conf
.