@tuklusan
Last active September 22, 2016 12:36
Block intrusion attempts on a CentOS 7 server using fail2ban, with reporting to blocklist.de - described at http://supratim-sanyal.blogspot.com/2016/09/fail2ban-for-centos-7-with-ip-and.html
#
# /etc/fail2ban/jail.local
#
# Local fail2ban overrides for a CentOS 7 server; settings here take precedence
# over the stock jail.conf. Offenders are banned through ipset/iptables and a
# report of every ban is e-mailed to blocklist.de.
# Values in [DEFAULT] apply to every jail below unless that jail overrides them.
#
[DEFAULT]
# Ban by adding the offending address to an ipset that iptables matches on.
# NOTE(review): needs the ipset tooling on the host - verify it is installed.
banaction = iptables-ipset-proto4
# Never ban these sources: loopback, the RFC 1918 private ranges, and the
# blocklist.de and Uptime Robot addresses collected by the author.
# Security note: every entry is exempt from all jails, so a compromised host on
# a private range can keep guessing passwords without ever being banned.
# NOTE(review): the public addresses are a 2016 snapshot; check each one against
# the provider's current list and drop any address you cannot attribute.
ignoreip = 127.0.0.1/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 89.149.254.157 89.149.237.105 89.149.242.40 80.67.29.225 80.67.16.214 78.46.95.41 89.149.201.23 85.181.13.140 178.63.159.40 78.46.91.247 78.46.91.239 69.162.124.226 69.162.124.227 69.162.124.228 69.162.124.229 69.162.124.230 69.162.124.231 69.162.124.232 69.162.124.233 69.162.124.234 69.162.124.235 69.162.124.236 69.162.124.237 69.162.124.238 46.137.190.132 122.248.234.23 188.226.183.141 178.62.52.237 54.79.28.129 54.94.142.218 104.131.107.63 54.67.10.127 54.64.67.106 159.203.30.41 46.101.250.135 108.31.82.24
# Window in which failures are counted, in seconds (600 = 10 minutes).
findtime = 600
# Ban duration in seconds (172800 = 48 hours), chosen to match the 48 hours
# after which blocklist.de removes an entry.
bantime = 172800
# Failures within findtime that trigger a ban.
maxretry = 10
# Recipient of the ban reports: blocklist.de, not a local administrator.
# No other recipient is set in this file.
destemail = fail2ban@dyn.blocklist.de
# From address used on the reports.
# NOTE(review): presumably has to match the sender registered with blocklist.de - confirm.
sender = fail2ban@sanyalnet-cloud-vps.freeddns.org
# action_mwl bans the address and mails a report with whois data and the
# matching log lines to destemail. %(...)s is configparser interpolation; the
# name is expected to be defined in the stock jail.conf.
# Security note: those log lines leave the host. Check that they carry nothing
# you would not share with a third party (account names, internal hostnames).
action = %(action_mwl)s
# Jails. Only "enabled" (plus maxretry for dovecot) is set here; filters and
# log paths are expected to come from the distribution's jail.conf.
# NOTE(review): enable only jails for services that run on this host. Both the
# postfix and the sendmail jails are switched on - confirm both MTAs are in use.
# SSH authentication failures.
[sshd]
enabled = true
[sshd-ddos]
enabled = true
# Mail transfer agents.
[postfix]
enabled = true
[postfix-rbl]
enabled = true
[sendmail-auth]
enabled = true
[sendmail-reject]
enabled = true
# IMAP/POP3 logins. Stricter than the [DEFAULT] maxretry of 10: a source is
# banned for the full bantime after 2 failures, which also catches a legitimate
# user who mistypes a password twice from an address not in ignoreip.
[dovecot]
enabled = true
maxretry = 2