I received the following email from fail2ban
Hi, The IP 18.104.22.168 has just been banned by Fail2Ban after 46 attempts against SIP on ast. Regards, Fail2Ban
After 2 failed attempts, I want to ban the IP for a month (this logic works for my setup). But this does not match-up with the above email.
Why was the rogue IP not blocked after 2 attempts? How did it get to make 46 attempts??
Also, my " IP’s that are currently banned." list is not growing.
I think I’m missing something here.