fail2ban configuration error fix

Unable to set findtime and bantime parameters in fail2ban

If you have this in your /etc/fail2ban/jail.local configuration file:

# "bantime" is the number of seconds that a host is banned.
bantime = 31536000 # 1 year

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 604800 # 7 days

and you get these errors when you restart fail2ban (service fail2ban restart):

WARNING Wrong value for 'findtime' in 'ssh'. Using default one: '600'
WARNING Wrong value for 'bantime' in 'ssh'. Using default one: '600'

change it to this (put the comment on a separate line):

# "bantime" is the number of seconds that a host is banned.
# 1 year
bantime = 31536000

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
# 7 days
findtime = 604800

This is explained in the following bug report:

fail2ban: Incorrect parsing of commented text after reading a value from config file

If you want to set a permanent ban time, use a negative number.

# "bantime" is the number of seconds that a host is banned.
# permanent ban
bantime = -1

Document Actions