( Fisher | 2022. 10. 03., h – 12:12 )

Hát nemtom, én feltettem egy zsír új gépre, és hibátlanul működik:

root@s2:/var/log# nft list chain filter  f2b-sshd
table ip filter {
	chain f2b-sshd {
		ip saddr 61.177.172.104 counter packets 6 bytes 616 reject
		ip saddr 61.177.173.50 counter packets 12 bytes 1216 reject
		ip saddr 203.151.83.7 counter packets 22 bytes 1680 reject
		ip saddr 134.195.121.105 counter packets 23 bytes 1700 reject
		ip saddr 61.177.173.36 counter packets 17 bytes 1536 reject
		ip saddr 61.177.172.114 counter packets 17 bytes 1456 reject
		counter packets 814 bytes 77570 return
	}
}
root@s2:/var/log# tail -f fail2ban.log 
2022-10-03 12:00:40,401 fail2ban.actions        [61162]: NOTICE  [sshd] Ban 61.177.173.50
2022-10-03 12:00:41,689 fail2ban.filter         [61162]: INFO    [sshd] Found 61.177.172.104 - 2022-10-03 12:00:41
2022-10-03 12:00:42,414 fail2ban.actions        [61162]: NOTICE  [sshd] Ban 61.177.172.104
2022-10-03 12:00:43,026 fail2ban.actions        [61162]: NOTICE  [sshd] Unban 61.177.173.46
2022-10-03 12:02:43,221 fail2ban.actions        [61162]: NOTICE  [sshd] Unban 218.92.0.208
2022-10-03 12:02:52,129 fail2ban.filter         [61162]: INFO    [sshd] Found 218.92.0.208 - 2022-10-03 12:02:51
2022-10-03 12:02:53,738 fail2ban.filter         [61162]: INFO    [sshd] Found 218.92.0.208 - 2022-10-03 12:02:53
2022-10-03 12:02:57,676 fail2ban.filter         [61162]: INFO    [sshd] Found 218.92.0.208 - 2022-10-03 12:02:57
2022-10-03 12:04:17,614 fail2ban.filter         [61162]: INFO    [sshd] Found 128.199.16.4 - 2022-10-03 12:04:17
2022-10-03 12:04:20,321 fail2ban.filter         [61162]: INFO    [sshd] Found 128.199.16.4 - 2022-10-03 12:04:19
2022-10-03 12:05:05,807 fail2ban.filter         [61162]: INFO    [sshd] Found xx.yy.251.132 - 2022-10-03 12:05:05
2022-10-03 12:05:10,616 fail2ban.filter         [61162]: INFO    [sshd] Found xx.yy.251.132 - 2022-10-03 12:05:10
2022-10-03 12:05:15,610 fail2ban.filter         [61162]: INFO    [sshd] Found xx.yy.251.132 - 2022-10-03 12:05:15
2022-10-03 12:05:23,070 fail2ban.filter         [61162]: INFO    [sshd] Found xx.yy.251.132 - 2022-10-03 12:05:22
2022-10-03 12:05:26,233 fail2ban.filter         [61162]: INFO    [sshd] Found xx.yy.251.132 - 2022-10-03 12:05:26
2022-10-03 12:05:26,683 fail2ban.actions        [61162]: NOTICE  [sshd] Ban xx.yy.251.132

A ban után:

ssh: connect to host s2.zzzzzzzz.hu port 22: Connection timed out

Szóval... amit én próbálnék, hogy apt purge fail2ban és utána install megint, hátha az kifésüli a konfigot.

root@s2:~# grep PRETT /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"