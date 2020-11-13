I just want to make sure I’m doing this right.

I’m installing fail2ban on a local Ubuntu 20.04 server that hosts some local websites I made.

I installed fail2ban because I want to protect access to my server from devices outside my company’s network. Because of this, I want to whitelist our company’s devices so that if we need to access the server, we can do so without trouble.

I created a jail.local file which looks like this at the moment:

[sshd] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 1 bantime = 3d ignoreself = true ignoreip = 127.0.0.1/8 ::1 10.0.0.0/24

So my question is: looking at the ignoreip line and the ignoreself lines, am I correct in saying that the ignoreself in this file whitelists the server itself and the ignoreip in this file will whitelist the devices within the company network (10.0.0.1-254)?

If not, how do I set this up? (For the record, the company IP in this example is not real to prevent brute force and hacking…)