Steps to configure:

  1. Copy /etc/fail2ban/jail.conf to /etc/fail2ban/jail.local
  2. Enable jail by: enabled = yes
  3. Do not forget to enable your internal IPs
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space (and/or comma) separator.
ignoreip = {{ ansible_eth0.ipv4.address }} {{ ansible_eth1.ipv4.address }}

Good Note from

You could define actions that insert directly into you mysql database like:

actionban = printf %%b "insert into table('ban', '<ip>', <failures>, '<name>');" | mysql -u user, --password=password database

Have also à look to following web page:

Here is an other example with “actionban”

actionban = /home/all/scripts/ ban <ip>
#You need actionban to do something every time a ban triggers.

Source : Extend Fail2ban to send text messages every time a user/bot gets banned

Testing Regexp

$ fail2ban-regex ./test.log '^.: NOQUEUE: reject: CONNECT from \S+[]: .$'


fail2ban with mysql