How do I stop fail2ban re-sending notifications after reboot?

June 15, 2018 161 views
Firewall System Tools Ubuntu 16.04

I've had fail2ban running on my Ubuntu 16.04 droplet for ~7months and it seems to be doing its job.

However, every time I need to do a reboot I get inundated with thousands of fail2ban notifications.

From what I understand fail2ban has a persistent database in '/var/lib/fail2ban/fail2ban.sqlite3' so I'm wondering:

  1. How to check that persistent database is actually being used?
    *note: the database has a recent last modified date/time, so I guess this confirms that at least the IPs being banned are being written to it, but how can I tell that it's actually being read/used?

  2. How to stop email being sent on reboot, if the banned IPs are already in the database?

The nearest relevant article I've found is: https://serverfault.com/questions/158327/fail2ban-save-banned-ips-after-restart but this doesn't make any difference.

I'd appreciate any advice / pointers, as I've been trawling the net and can't really find any decent/definitive articles/tutorials.

Be the first one to answer this question.