Fail2ban - creating second sshd-jail for docker-container log does not work Fail2ban - creating second sshd-jail for docker-container log does not work docker docker

Fail2ban - creating second sshd-jail for docker-container log does not work


Problem is "solved". The docker container simply used a different timezone than the host and the logfile timestamps didnt contain the timezone.

So fail2ban assumed the timestamps were written in the same timezone as it´s running environment (on host) and didn´t interprete "old" log entries (2 hr. diff).

See https://github.com/fail2ban/fail2ban/issues/2486

I simply set the host timezone to UTC now - but will try now to set rsyncd to use a timezoned dateformat