Fail2Ban keeps banning on restart

Solution 1:

Disabling the use of dbfile means that fail2ban loses track of its read position in each file on restart, and so it reads the whole file, leading to the behaviour you've observed.

Adding tail after the filenames in the logpath statements will tell fail2ban to start reading from the end of the file rather than from the beginning. That should (I think) give the behaviour you want (or near enough). See docs for more detail. Relevant section is ...

Optional space separated option 'tail' can be added to the end of the path to cause the log file to be read from the end, else default 'head' option reads file from the beginning

However, I'd agree with the implication of Michael Hampton's comment - the right way to deal with this is to reinstate the use of dbfile and use the unban functionality.
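
The two approaches from the answer above, side by side, as an added configuration example that is not part of the original answer. The jail name `sshd`, the log path `/var/log/auth.log`, the address `192.0.2.10` and the `dbfile` path shown are assumptions; substitute your own values.

```ini
# ---- Workaround: dbfile disabled, read logs from the end ----
# /etc/fail2ban/fail2ban.local
# Use the same section header as your shipped fail2ban.conf
# ([Definition] is assumed here).
[Definition]
# No persistence: read positions and bans are forgotten on restart.
dbfile = None

# /etc/fail2ban/jail.local
[sshd]
enabled = true
# 'tail' after the path starts reading at end of file on startup,
# so old entries are not replayed into fresh bans. Failures logged
# while fail2ban was stopped are skipped as well.
logpath = /var/log/auth.log tail

# ---- Preferred: restore dbfile and unban explicitly ----
# /etc/fail2ban/fail2ban.local
[Definition]
# Assumed path; check the value in your shipped fail2ban.conf.
# Persists each log file's read position and the active bans.
dbfile = /var/lib/fail2ban/fail2ban.sqlite3

# /etc/fail2ban/jail.local
[sshd]
enabled = true
# Default 'head' is fine here: the stored position stops fail2ban
# from re-reading entries it has already processed.
logpath = /var/log/auth.log

# To lift a specific ban instead of discarding all state:
#   fail2ban-client set sshd unbanip 192.0.2.10
# To review what is currently banned in the jail:
#   fail2ban-client status sshd
```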