Very helpful - you need to insert a first IPTABLES command for the new chain:
iptables -N F2B
Make sure you only set one "banaction" in /etc/fail2ban/jail.local (if you copied it from jail.conf).
Also change /etc/logrotate.d/fail2ban to work for the non root user.
If you are running the latest dropbear (1.4) not OpenSSH:
Correct the fail2ban regex filter to have capital "L"ogin & "B"ad:in /etc/fail2ban/filter.d/dropbear.conf:
failregex = ^%(__prefix_line)sLogin attempt for nonexistent user ('.*' )?from <HOST>:.*\s*$
^%(__prefix_line)sBad password attempt for .+ from <HOST>:.*\s*$
Very helpful - you need to insert a first IPTABLES command for the new chain:
Make sure you only set one "banaction" in /etc/fail2ban/jail.local (if you copied it from jail.conf).
Also change /etc/logrotate.d/fail2ban to work for the non root user.
If you are running the latest dropbear (1.4) not OpenSSH:
Correct the fail2ban regex filter to have capital "L"ogin & "B"ad:in /etc/fail2ban/filter.d/dropbear.conf:
** Looks like the lastest Dropbear deb package from http://cdn.content-network.net/mirror/apt.balocco.name has now incorporated this correction **