Not sure why I should check auth.log since THERE ARE attempts within syslog:
Quote:
fail2ban-regex /var/log/syslog /etc/fail2ban/filter.d/pure-ftpd.conf
.
.
.
Success, the total number of match is 19
|
the ban action is defined in jail.conf as follows:
Quote:
|
banaction = iptables-multiport
|
I just saw that fail2ban.conf has the option of raising the loglevel to debugging:
Now lets see if anything interesting turns up in fail2ban's log file.
Thanks for helping out so far!