fail2ban & pure-ftpd

[JeanC]

Edit: solved with sudo chmod a+rw /var/run/fail2ban/fail2ban.sock

Hello,
Fail2ban does not ban authentication failures from pure-ftpd. Anybody can help me?

I used this filter :

Code:

__errmsg = (?:Authentication failed for user|Erreur d'authentification pour l'utilisateur)
failregex = pure-ftpd: \(\?@<HOST>\) \[WARNING\] %(__errmsg)s \[.+\]$
ignoreregex =

This is in jail.conf:

Code:

[pure-ftpd]

enabled  = true
port	 = ftp,ftp-data,ftps,ftps-data
filter   = pure-ftpd
logpath  = /var/log/messages
maxretry = 6

These are in /var/log/messages:

Code:

Mar  9 09:33:24 server pure-ftpd: (?@192.168.1.11) [WARNING] Authentication failed for user [anonymous]

Testing with

Code:

fail2ban-regex /var/log/messages /etc/fail2ban/filter.d/pure-ftpd.conf

yields lots of hits.

'sudo fail2ban-client status' tells me it's running the jail.

Still no bans.

Thanks for help.