I’ve had fail2ban running on my Ubuntu 16.04 droplet for ~7months and it seems to be doing its job.
However, every time I need to do a reboot I get inundated with thousands of fail2ban notifications.
From what I understand fail2ban has a persistent database in ‘/var/lib/fail2ban/fail2ban.sqlite3’ so I’m wondering:
How to check that persistent database is actually being used? *note: the database has a recent last modified date/time, so I guess this confirms that at least the IPs being banned are being written to it, but how can I tell that it’s actually being read/used?
How to stop email being sent on reboot, if the banned IPs are already in the database?
The nearest relevant article I’ve found is:
https://serverfault.com/questions/158327/fail2ban-save-banned-ips-after-restart but this doesn’t make any difference.
I’d appreciate any advice / pointers, as I’ve been trawling the net and can’t really find any decent/definitive articles/tutorials.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Click below to sign up and get $100 of credit to try our products over 60 days!