I am running FreePBX 126.96.36.199.
Even though I have configured fail2ban to permanently ban IP’s in intrusion detection by setting the ban time to -1, every time I restart freebpx, all the banned IPs are gone, and then it starts banning them again one by one.
I’ve been told that fail2ban v0.9 or greatest uses sqlite3 for it’s datastore so it won’t remove the banned IPs after a restart.
When I run
fail2ban-client -V I get this
When I run
yum info fail2ban I get this
Loaded plugins: fastestmirror, versionlock Loading mirror speeds from cached hostfile Available Packages Name : fail2ban Arch : noarch Version : 0.11.1 Release : 9.el7.2 Size : 15 k Repo : sng-epel/7-8.2003.3.el7.sangoma/x86_64 Summary : Daemon to ban hosts that cause multiple authentication errors URL : http://fail2ban.sourceforge.net/ License : GPLv2+ Description : Fail2Ban scans log files and bans IP addresses that makes too many password : failures. It updates firewall rules to reject the IP address. These rules can : be defined by the user. Fail2Ban can read multiple log files such as sshd or : Apache web server ones. : : Fail2Ban is able to reduce the rate of incorrect authentications attempts : however it cannot eliminate the risk that weak authentication presents. : Configure services to use only two factor or public/private authentication : mechanisms if you really want to protect services. : : This is a meta-package that will install the default configuration. Other : sub-packages are available to install support for other actions and : configurations.
So there are 2 problems here. One is the system shows 2 different veersions of fail2ban, and second, how can I upgrade fail2ban so I can get to a version that permanently bans IP addresses even after a system restart?