Question
How do I stop fail2ban re-sending notifications after reboot?
- Posted on June 15, 2018
- FirewallSystem ToolsUbuntu 16.04
Asked by derrickr
I’ve had fail2ban running on my Ubuntu 16.04 droplet for ~7months and it seems to be doing its job.
However, every time I need to do a reboot I get inundated with thousands of fail2ban notifications.
From what I understand fail2ban has a persistent database in ‘/var/lib/fail2ban/fail2ban.sqlite3’ so I’m wondering:
-
How to check that persistent database is actually being used? *note: the database has a recent last modified date/time, so I guess this confirms that at least the IPs being banned are being written to it, but how can I tell that it’s actually being read/used?
-
How to stop email being sent on reboot, if the banned IPs are already in the database?
The nearest relevant article I’ve found is: https://serverfault.com/questions/158327/fail2ban-save-banned-ips-after-restart but this doesn’t make any difference.
I’d appreciate any advice / pointers, as I’ve been trawling the net and can’t really find any decent/definitive articles/tutorials.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!