fail2ban fails banning

Hi all,

I've setted up fail2ban. The client is running

Code:

gandhi:/var/log# fail2ban-client status ssh
Status for the jail: ssh
|- filter
|  |- File list:        /var/log/auth.log
|  |- Currently failed: 0
|  `- Total failed:     0
`- action
   |- Currently banned: 0
   |  `- IP list:
   `- Total banned:     0
gandhi:/var/log#

and the regex is working

Code:

Success, the total number of match is 15

However, look at the above section 'Running tests' which could contain important
information.
gandhi:/var/log#

For some strange reason fail2ban just fails to ban. What could be wrong?

Thanks!

- Dennis

 

What makes you think that fail2ban isn't working?

 

Well, my auth.log shows me that i'm being brute forced (10+ logins per minute, from the same ip)

Thanks!

 

Do you see that IP in the output of

Code:

iptables -L

?

 

Hi,

Fail2ban DOES make the chain,

Code:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            tcp dpt:ssh

As you see, its a bit strange it doesnt ban the ip's.

thanks!

 

Can you post the /etc/fail2ban/jail.conf and /etc/fail2ban/jail.local files?