I just have a query about this tutorial here.
I am sure I am wrong but I would be grateful if someone could explain to me why.
I am running Ubuntu 20.04.
In /etc/fail2ban/jail.conf there is the following stanza:
# "enabled" enables the jails. # By default all jails are disabled, and it should stay this way. # Enable only relevant to your setup jails in your .local or jail.d/*.conf # # true: jail will be enabled and log files will get monitored for changes # false: jail is not enabled enabled = false
The contents of /etc/fail2ban/jail.d/defaults-debian.conf is:
[sshd] enabled = true
It is my understanding that fail2ban reads the configuration files in the following order. Each .local file overrides the settings from the .conf file:
If /etc/fail2ban/jail.local overrides the settings in /etc/fail2ban/jail.d/*.conf
doesn’t that mean when you do
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
that the “enabled = true” directive for [sshd] in etc/fail2ban/jail.d/defaults-debian.conf now gets over written by the “enabled = false” directive in /etc/fail2ban/jail.local?