Closed ghost closed 1 year ago
Config:
# Prevents banning LAN subnets
ignoreip = 127.0.0.1/8 ::1
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
# The ban action "iptables-multiport" (default) should work for most
# The ban action "iptables-allports" can be used if multiport causes issues
#banaction = %(banaction_allports)s
banaction = iptables-allports[chain="FORWARD"]
# "bantime.increment" allows to use database for searching of previously banned ip's to increase a
# default ban time
bantime.increment = true
# "bantime.maxtime" is the max number of seconds using the ban time can reach (doesn't grow further)
bantime.maxtime = 5j
# "bantime.factor" is a coefficient to calculate exponent growing of the formula or common multiplier
bantime.factor = 24
# "bantime" is the number of seconds that a host is banned.
bantime = 1h
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 24h
# "maxretry" is the number of failures before a host get banned.
maxretry = 5
[sshd]
# configuration inherits from jail.conf
enabled = true
chain = INPUT
action = %(known/action)s
logpath = /var/log/secure
[nginx-badbots]
# configuration inherits from jail.d/nginx-badbots.conf
enabled = true
chain = DOCKER-USER
action = %(known/action)s
logpath = /remotelogs/nginx/access.log
[nginx-botsearch]
# configuration inherits from jail.conf
enabled = true
chain = DOCKER-USER
action = %(known/action)s
logpath = /remotelogs/nginx/error.log
[nginx-limit-req]
enabled = true
chain = DOCKER-USER
filter = nginx-limit-req
action = %(known/action)s
logpath = /remotelogs/nginx/error.log```
Is there an existing issue for this?
Current Behavior
fail2ban is unable to execute bans
Expected Behavior
It works
Steps To Reproduce
Run the container Enable default fail.local Getting banned
Environment
CPU architecture
x86-64
Docker creation
Container logs