1 |
AFAIK fail2ban tails log files to find login failures, but when i try lsof |
2 |
its not reading daemon.log/auth.log/whatever for sshd's login failure |
3 |
messages. |
4 |
|
5 |
# ps -ef | grep fail2 |
6 |
root 518 1 0 Jan01 ? 00:05:22 /usr/bin/python3.4 |
7 |
/usr/lib64/python-exec/python3.4/fail2ban-server -s |
8 |
/run/fail2ban/fail2ban.sock -p /run/fail2ban/fail2ban.pid -x -b |
9 |
root 21407 21250 0 11:45 pts/1 00:00:00 grep --colour=auto fail2 |
10 |
# lsof -p 518 | grep var |
11 |
fail2ban- 518 root 5w REG 9,126 107 263885 |
12 |
/var/log/fail2ban.log |
13 |
fail2ban- 518 root 6u REG 9,126 16384 1180229 |
14 |
/var/lib/fail2ban/fail2ban.sqlite3 |
15 |
# |
16 |
|
17 |
What am I missing? |