Originally Posted by cbj4074
Right; I don't think that fail2ban starts or stops the firewall either.
But as far as I know, fail2ban does re-parse logs when it is started, and adds any qualifying entries to the iptables rules (if not already present).
If this is, in fact, how fail2ban behaves, wouldn't it re-add the IP address in question as soon as fail2ban is restarted?
I wouldn't think so but I don't know the inner workings of fail2ban. I mean I've had my server restarted after fail2ban put in some IPs and seemed like only the rules themselves were loaded. Someone who is more familiar with how it works wil probably be able to better answer it though.