fail2ban config does not match the gui input parameters

bksales · September 2, 2015, 2:59am

PBX Firmware: 6.12.65-29
FreePBX 12.0.76

it appears that the sysadmin module is adding three lines to the end of the /etc/fail2ban/jail.local file. it correctly adds the values entered in the GUI (bantime, findtime and maxretry) to the top of the file but appends different values at the end of the file.

here are the values that are entered in the gui
[DEFAULT]
ignoreip = 127.0.0.1
bantime = 186400
findtime = 6000
maxretry = 2
backend = auto

and here are the last three lines in the file
bantime = 604800 ; 1 week
findtime = 86400 ; 1 day
maxretry = 20

dicko · September 2, 2015, 3:21am

I believe this belongs in “Commercial Modules” not “General Help”

johnjces · September 2, 2015, 4:08am

My jail.local file shows those exact same last lines while I have entered different ‘stuff’/

@Dicko, I am confised as to why this Q should be under ‘commercial’ since fail2ban is the basic intrusion detection system used by FreePBX and I don’t have the commercial version.

Thanks!

John

dicko · September 2, 2015, 4:15am

You have a problem with the GUI which is part of sysadmin (commercial and closed source) Fail2Ban has been an obvious “basic” add-on for FreePBX users for many years, generally I find it helpful to install it from source, you will have better control

xrobau · September 2, 2015, 4:37am

Note that those are for separate sections.

The default settings are configurable. The recidivist section bans for a week.

[recidive] enabled = true filter = recidive logpath = /var/log/fail2ban.log* action = iptables-allports[name=recidive, protocol=all] bantime = 604800 ; 1 week findtime = 86400 ; 1 day maxretry = 20