This was difficult to find so I’m noting it here for future reference. To block all ports with fail2ban, change the jail file’s port value to “0:65535”.
For example, here’s my SSH jail file:
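[ssh-iptables]
enabled = true
filter = sshd
# port="0:65535" makes the ban rule match every port instead of only the SSH port.
# protocol=tcp means the rule matches TCP traffic only.
action = iptables[name=SSH, port="0:65535", protocol=tcp]
         sendmail-whois[name=SSH, dest=nospam@example.com, sender=nospam@example.com, sendername="Fail2Ban"]
logpath = /var/log/secure
maxretry = 3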
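
To check jail files for this setting, the following added example (not code from the original post) parses a jail file and reports whether each enabled jail's iptables action bans the full port range. The second jail in the sample, its filter and its port value are constructed for illustration.

```python
import configparser
import re

# Constructed sample jail file, modelled on the jail shown above.
SAMPLE_JAIL = """
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port="0:65535", protocol=tcp]
    sendmail-whois[name=SSH, dest=nospam@example.com]
logpath = /var/log/secure

[web-iptables]
enabled = true
filter = apache-auth
action = iptables[name=HTTP, port=http, protocol=tcp]
"""

ACTION_RE = re.compile(r'^(?P<name>[\w.-]+)(?:\[(?P<args>.*)\])?$')
ARG_RE = re.compile(r'(\w+)\s*=\s*("[^"]*"|[^,\]]*)')

def parse_actions(value):
    """Yield (action_name, {param: value}) for each line of a jail's action value."""
    for line in value.splitlines():
        m = ACTION_RE.match(line.strip())
        if m:
            args = {k: v.strip().strip('"') for k, v in ARG_RE.findall(m.group("args") or "")}
            yield m.group("name"), args

def covers_all_ports(port):
    """True only when the port value is a numeric range spanning every port."""
    m = re.fullmatch(r"(\d+):(\d+)", port or "")
    return bool(m) and int(m.group(1)) <= 1 and int(m.group(2)) == 65535

def audit(jail_text):
    """Return {jail: bool} for every enabled jail that uses the iptables action."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(jail_text)
    result = {}
    for jail in cp.sections():
        if not cp.getboolean(jail, "enabled", fallback=False):
            continue
        for name, args in parse_actions(cp.get(jail, "action", fallback="")):
            if name == "iptables":
                result[jail] = covers_all_ports(args.get("port"))
    return result

if __name__ == "__main__":
    print(audit(SAMPLE_JAIL))
```

A port value pasted with typographic quotes instead of straight ones fails the range check and is reported as False.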