fail2ban configuration issues...

Discussion in 'Server Operation' started by hemajanger, May 15, 2009.

  1. hemajanger

    hemajanger New Member

    Dist: Debian 5.0 (lenny)


    I recently got a mail server up and running by following Falko's tutorial on setting up Postfix, Courier, Virtual users in mysql for Debian Lenny. I had a couple issues, but managed to fix it, now the mailserver is up and running nicely. However, upon looking at the mail.log, I noticed what looked like a pop3 dictionary attack. I decided to install fail2ban to block those ip's attempting this. I got it to install ok and thought it was working, but more login attempts were made without any being blocked. My fail2ban jail and conf files are pretty much default with the exception of enabling more jails.

    After running,
    fail2ban-client status
    it shows that only some of the jails, not all that were enabled. It also appears that I can only have a max of 3 jails open. After toggling true/false to enable a jail, i only get combinations of 3. Weird.

    Is there a setting that I missed?

Share This Page