无论设置如何，fail2ban都不禁止任何操作

这是我第一次在这里找不到解决scheme。
所以希望能够解决。

我已经安装了一个新的，新的Ubuntu的最小系统（14.04）与SSH上。
之后，我安装了fail2ban。
我的ssh运行在47629端口

我的jail.conf：

ignoreip = 127.0.0.1 10.14.11.165 bantime = 9999 findtime = 150 maxretry = 3 backend = auto usedns = warn destemail = [email protected] sendername = [email protected] mta = mail chain = INPUT action = %(action_mwl)s [ssh-iptables] enabled = true port = 47629 filter = sshd action = iptables[name=SSH, port=47629, protocol=tcp] sendmail-whois[name=SSH, [email protected], [email protected]] logpath = /var/log/auth.log maxretry = 4 

我的auth.log看起来像这样

• Fail2ban严重exception – 不会阻止ips
• Fail2banlogging正确的IP在光油，但仍然没有locking
• fail2ban：正则expression式来阻止\ x00请求？
• 我试图用fail2ban来对付/xmlrpc.php
• 当请求来自powershell攻击时，fail2ban规则不起作用

 Jan 15 08:16:38 hostweb sshd[5841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.14.11.57 user=root Jan 15 08:16:40 hostweb sshd[5841]: Failed password for root from 10.14.11.57 port 50091 ssh2 Jan 15 08:17:02 hostweb CRON[5843]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 15 08:17:02 hostweb CRON[5843]: pam_unix(cron:session): session closed for user root Jan 15 08:17:02 hostweb CRON[5843]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 15 08:17:02 hostweb CRON[5843]: pam_unix(cron:session): session closed for user root Jan 15 08:17:37 hostweb sshd[5841]: message repeated 5 times: [ Failed password for root from 10.14.11.57 port 50091 ssh2] Jan 15 08:17:37 hostweb sshd[5841]: Disconnecting: Too many authentication failures for root [preauth] Jan 15 08:17:37 hostweb sshd[5841]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.14.11.57 user=root Jan 15 08:17:37 hostweb sshd[5841]: PAM service(sshd) ignoring max retries; 6 > 3 

即使当我设置maxretry = 1它从来没有工作

我在/ etc / ssh / sshd_config中设置

 MaxAuthTries 8 

希望失败2ban首先抓住块，没有成功

提示如何解决这个问题？