View Single Post
  #9  
Old 17th February 2013, 00:53
Parsec Parsec is offline
Member
 
Join Date: Jan 2013
Posts: 66
Thanks: 1
Thanked 9 Times in 8 Posts
Default

I was referring to the ssh jail which uses the auth.log simply because this is the one that will get hit the most - more then ftp will. The fail2ban-regex is also just checking that the regex works. Having 19 successful matches doesn't indicate they occurred within the time frame for fail2ban to ban the attempts.
Reply With Quote