Hi everyone. I am having trouble getting fail2ban to start banning. I've pasted the config file here.
The fail2ban-server is running, because I can see it when I run the "ps -e" command.
My SSH server runs on port 443, so I have changed that in the ssh jail. (Not sure if it is better to edit it in this config file or in /etc/services file).
I want fail2ban to simply block the offending IP address, so I added "action = action_". I am not sure what the different between "banaction" and "action" is.
Finally, I have never touched "iptables" except to run "iptables -L" to see if fail2ban had banned the IP address I was purposely typing a failed password from.
Also, I made sure that the file I am editing is "jail.local" not "jail.conf".
Finally, it looks like fail2ban is being directed to correct log for ssh - "/var/log/auth.log".
Thank you for anyone that takes the time to help me figure this out.