Synchro
commented
4 years ago I think you should be able to exempt IPs from all fail2ban processing by adding a fail2ban config file in /etc/jail.d containing something like:
[DEFAULT]
ignoreip = <your ip> <your other ip>If it's in a separate file (why we like .d folders!) it should be upgrade-safe too.
kurucu
When a number of people with a number of devices have accounts on an MAIB, and they are all behind a single NAT, any issues (e.g. one password device being out of sync) quickly turn into Fail2Ban denial of service for the whole team/house.
Could a setting be added to MAIB that allows IP whitelisting to be maintained between upgrades? Perhaps there's a better way to solve the problem (e.g. per-account rather than per public IP address).
I'm afraid I'm not able to offer a resolution/PR for this, at least not yet, as I'm not sufficiently familiar with MAIB.