Hi all,

Thank you to everyone who took the time to respond.

I wrote manual scripts to parse the logs and now permanently ban SSH and
Apache attack attempts using nftables only. I will add more patterns to
filter with time.

I also tried to report the issue with fail2ban to the Devuan developers
using the reportbug tool, but I did not receive a confirmation email, so
I am not sure whether the report was successfully submitted to their server.

On 07/11/2025 15:28, Nick Rickard via Dng wrote:
>> Thanks for your reply.
>> I am afraid in maintainer provided /etc/fail2ban/jail.conf the backend
>> setting is already set to auto by default.
>>
>> $ grep "backend =" /etc/fail2ban/jail.conf
>
> Might be worth rerunning that command as
> $ grep "backend =" /etc/fail2ban/*
> to check one of the other config files hasn't overwritten that backend
> setting.
>
> However...
> > fail2ban                [31993]: ERROR   NOK: (38, 'Function not
> implemented')
>
> Searching on the error message yields this:
> https://dev1galaxy.org/viewtopic.php?pid=57444#p57444
> which suggest a python library version / dependency issue.
>
> $ apt install python3-pyinotify
>
> seemed to fix it for that user. I have
>    python3-pyinotify is already the newest version (0.9.6-5).
> on mine alongside
>    fail2ban is already the newest version (1.1.0-8).
> _______________________________________________
> Dng mailing list
> Dng@???
> Manage your subscription: https://mailinglists.dyne.org/cgi-bin/mailman/
> listinfo/dng
> Archive: https://lists.dyne.org/lurker/list/dng.en.html


--
With kindest regards, Piotr.