Fail2ban very easy to trigger; relax restriction for strictly LAN workloads

While I understand Fail2ban is set up with security in mind, it is, however, ridiculously easy to trigger and get temporarily blacklisted during normal working conditions. For example, I’ve seen it blacklist a machine while the user was checking items for their purchase price in multiple tabs, triggering a ban and becoming completely unusable.

Is it possible to let F2b always allow LAN comms for ERPN at least? Any solution to relax F2b restrictions is welcome.

You can whitelist your LAN subnet

vi /etc/fail2ban/jail.conf
# Add all LAN IPs or ranges (separated by whitespace) to this line in the file.
ignoreip = 192.168.1.1/24 192.168.0.107
# This should be added in the [DEFAULT] section of the file. Save the file and restart Fail2Ban:
service fail2ban restart

More info is available here

3 Likes
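
To check which clients an ignoreip line actually exempts before restarting Fail2ban, here is an added example that is not part of the original posts. It uses Python's configparser and ipaddress modules rather than Fail2ban's own parser, and the sample config, the hostname erp.example.lan and the function names are constructed for illustration.

```python
import configparser
import ipaddress

# Constructed sample config; the first two ignoreip entries are the ones
# from the answer above, the hostname is a made-up placeholder.
SAMPLE_JAIL = """
[DEFAULT]
ignoreip = 192.168.1.1/24 192.168.0.107 erp.example.lan
bantime = 600

[sshd]
enabled = true
"""

def parse_ignoreip(jail_text):
    """Return (networks, skipped) from the ignoreip option in [DEFAULT]."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(jail_text)
    raw = cp.defaults().get("ignoreip", "")
    networks, skipped = [], []
    for token in raw.replace(",", " ").split():
        try:
            # strict=False tolerates host bits: 192.168.1.1/24 -> 192.168.1.0/24
            networks.append(ipaddress.ip_network(token, strict=False))
        except ValueError:
            skipped.append(token)  # not an IP or CIDR (e.g. a DNS name); not resolved here
    return networks, skipped

def is_ignored(client_ip, networks):
    """True if client_ip falls inside any whitelisted network."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr.version == n.version and addr in n for n in networks)

def audit(networks, max_hosts=65536):
    """List entries that are not private address space or exempt a very large range."""
    return [str(n) for n in networks
            if not n.is_private or n.num_addresses > max_hosts]

if __name__ == "__main__":
    nets, skipped = parse_ignoreip(SAMPLE_JAIL)
    print("exempt networks:", [str(n) for n in nets])
    print("not checked (non-IP entries):", skipped)
    for ip in ("192.168.1.50", "192.168.0.108"):
        print(ip, "never banned" if is_ignored(ip, nets) else "still subject to bans")
    print("entries to review:", audit(nets))
```

Every address the first function returns is never banned by any jail that inherits [DEFAULT], so the audit output is worth reviewing whenever the list grows.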