fail2ban bans hosts by reading logs. If the SSH daemon doesn't run on port TCP/22 then it won't generate any log entries for any logins on that port. Hence wanting to do so doesn't make any sense. Should you want to proceed anyway then I suggest you add a firewall logging rule for the port and make fail2ban recognize the log entry. Since the fail2ban source is freely available you shouldn't have any trouble creating the appropriate filter on your own because, with all due respect, I rather spend time on things that do make sense.
|