I am setting up a fail2ban instance, everything works fine as expected, but I have been noticing some rules has built-in ports, for example:
...[domino-smtp]port = smtp,ssmtplogpath = /home/domino01/data/IBM_TECHNICAL_SUPPORT/console.log...filter = sshdlogpath = /var/log/auth.logport = ssh...[phpmyadmin-syslog]port = http,httpslogpath = %(syslog_authpriv)sbackend = %(syslog_backend)s...So, when it states that port is ssh or http or whatever, where do fail2ban get these bindings from? How do I know what ports can I use as names and which as just port numbers?