Thank you for your reply. I created a file under "jaild." as below:
[vsftpd] enabled = true action = firewallcmd-ipset port = ftp,ftp-data,ftps,ftps-data logpath = %(vsftpd_log)s maxretry = 5 bantime = 86400 I created a "vsftpd.log" file under "/var/log" directory. The Fail2ban service is running, is my configuration wrong? On Monday, August 24, 2020, 04:05:52 PM GMT+4:30, Richard Shaw <hobbes1...@gmail.com> wrote: On Wed, Aug 19, 2020 at 3:16 PM Jason Long via Fail2ban-users <fail2ban-users@lists.sourceforge.net> wrote: > Hello, > I configured Fail2ban for CentOS 8 via > "https://sysadminjournal.com/install-fail2ban-centos/"; but the vsftpd > configuration not worked and fail2ban couldn't run. > What is the correct configuration for vsftpd? > I can't speak to vsftpd specifically, but firewalld in EL 8 uses nftables by default so unless you've changed firewalld to use ipset you shouldn't be using the ipset ban method, nor is it necessary to set the banaction in every jail. By default it's set in /etc/fail2ban/jail..d/00-firewalld.conf: This file is part of the fail2ban-firewalld package to configure the use of # the firewalld actions as the default actions. You can remove this package # (along with the empty fail2ban meta-package) if you do not use firewalld [DEFAULT] port = 0-65535 banaction = firewallcmd-rich-rules[actiontype=<multiport>] banaction_allports = firewallcmd-rich-rules[actiontype=<allports>] Thanks, Richard _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
