A customised jail with action and filter file for Fail2Ban. This jail is based on the recidive jail but makes use of a simple text file to enable extended and permanent bans.
Thanks for developing this. I've installed, following the instructions. Restarting fail2ban gives an error when it tries to read the compressed .gz format fail2ban logfiles:
2020-07-08 17:50:07,085 fail2ban.jail [13557]: INFO Creating new jail 'blacklist'
2020-07-08 17:50:07,085 fail2ban.jail [13557]: INFO Jail 'blacklist' uses pyinotify {}
2020-07-08 17:50:07,092 fail2ban.jail [13557]: INFO Initiated 'pyinotify' backend
2020-07-08 17:50:07,101 fail2ban.server [13557]: INFO Jail blacklist is not a JournalFilter instance
2020-07-08 17:50:07,102 fail2ban.filter [13557]: INFO Added logfile: '/var/log/fail2ban.log.2.gz' (pos = 581, hash = 52530769d6b9cdd90d587f3503622347572c9120)
2020-07-08 17:50:07,103 fail2ban.filter [13557]: WARNING Error decoding line from '/var/log/fail2ban.log.2.gz' with 'UTF-8'. Consider setting logencoding=utf-8 (or another appropriate encoding) for this jail. Continuing to process line ignoring invalid characters: b'\xb5\xfa\xf1\xcb\ etc etc ... lots more escaped characters.
It then goes on to add the non-compressed fail2ban logfiles and throws no errors.
Changes to logrotate were made as instructed.
Any suggestions?
With thanks.
Thanks for developing this. I've installed, following the instructions. Restarting fail2ban gives an error when it tries to read the compressed .gz format fail2ban logfiles:
2020-07-08 17:50:07,085 fail2ban.jail [13557]: INFO Creating new jail 'blacklist' 2020-07-08 17:50:07,085 fail2ban.jail [13557]: INFO Jail 'blacklist' uses pyinotify {} 2020-07-08 17:50:07,092 fail2ban.jail [13557]: INFO Initiated 'pyinotify' backend 2020-07-08 17:50:07,101 fail2ban.server [13557]: INFO Jail blacklist is not a JournalFilter instance 2020-07-08 17:50:07,102 fail2ban.filter [13557]: INFO Added logfile: '/var/log/fail2ban.log.2.gz' (pos = 581, hash = 52530769d6b9cdd90d587f3503622347572c9120) 2020-07-08 17:50:07,103 fail2ban.filter [13557]: WARNING Error decoding line from '/var/log/fail2ban.log.2.gz' with 'UTF-8'. Consider setting logencoding=utf-8 (or another appropriate encoding) for this jail. Continuing to process line ignoring invalid characters: b'\xb5\xfa\xf1\xcb\ etc etc ... lots more escaped characters.
It then goes on to add the non-compressed fail2ban logfiles and throws no errors.
Changes to logrotate were made as instructed. Any suggestions? With thanks.