Sicherheit/config/fail2ban/jail.local

[DEFAULT]
ignoreip = 127.0.0.1/8 ::1
bantime = 1h
findtime = 10m
maxretry = 5
backend = systemd
banaction = ufw
banaction_allports = ufw

action = %(action_mwl)s

[sshd]
enabled = true
mode = aggressive
port = ssh
logpath = %(sshd_log)s
maxretry = 4
findtime = 10m
bantime = 4h

[sshd-ddos]
enabled = true
port = ssh
logpath = %(sshd_log)s
maxretry = 3
findtime = 10m
bantime = 8h

[recidive]
enabled = true
logpath = /var/log/fail2ban.log
banaction = ufw-allports
findtime = 1d
bantime = 7d
maxretry = 5