- April 10, 2018 at 7:59 pm
Can you post your ipset list?
I just tested and changing the bantime in ipset config from 600 to anything higher changes the actual bantime. The thing is, IP’s show up in the webgui banlist and fail2ban as banned, but the list is blank in the ipset. So in the end it is a false sense of security, as in two places it says IP’s are banned, but the tool that actually keeps them banned, bans them only for the predefined time in the config file.
The file is located in /etc/fail2ban/action.d/firewallcmd-ipset.local0