[Philippe_H]

this is accounted for. By default you have a whitelist containing local lan IP ;)

[remram]

Yeah I have 10+ machines with fail2ban configured and 0 of them on my LAN though.

[Philippe_H]

well just whitelist your Public IPs or use a combo of IPset & port knockd. Works fine for me for variable IPs.

[fulafel]

LAN addresses, eh? People do still use internet addressing on our networks despite the consumer CPE vendors increasingly trying to sell you NAT stockholm syndrome :)

[pantalaimon]

the machines i'm ruining fail2ban on are on public networks, not my LAN.

[rhizome]

You don't use static IPs for managing systems?