Hi.
I am unable to start the service to ban mysql.
When I change enable to true a error has displayed and return to false.
Is possible block the mysql ?
Tanks
filter = mysqld-auth points to /etc/fail2ban/filters.d/mysqld-auth.conf.
The filter operates on /var/log/mysqld.log by default. Can you confirm that this logfile is there? On my installation it was in a different location.
journalctl -f -u fail2ban
Will show you the errors after an unsuccessful restart too.
If that turns out to be the case, then you can either change the error log file location in mysql config, or in fail2ban.
However, as this filter is just checking for bad logins from external IP addresses, you probably won’t need it unless you opened up the firewall to allow access to mysql.