Do you know anything about the firewall? It used to block very effectively so I don’t know why it’s let hundreds of pings from this IP go through.
fail2ban is not a firewall, iptables is the firewall, which fail2ban will use when banning. fail2ban is a great tool for checking your log files for possible attacks and banning the source accordingly, but that is all it is, it certainly isn’t complete security solution.
When you fail to login (I assume by ssh), the system will create log entries in
/var/log/auth that the fail2ban ssh rule will spot and ban you as appropriate. So yes it will have protected you from ssh (and possibly other) attacks, but probably no protection at all against ping.
iptables has no configuration by default as far as I know. You can see your current configuration with:
# iptables --list
It will probably have a list of your manually blocked addresses.
If you’re on an Ubuntu system, then you may have ufw installed as a simpler way of controlling iptables.
# ufw status
Would tell you if it is running and what rules are in place. If it is running then search the web for “ufw ping protection” or similar. This article seems quite a good simple introduction to ufw.
Needless to say with a firewall you do need to be very careful not to lock yourself out of your system.
(even blocked me a couple of times when I’d failed to log in correctly a few times)
To protect yourself from being locked out by fail2ban (but not the firewall), you can add:
ignoreip = your.ip.address.here
[DEFAULT] section in your
/etc/fail2ban/jail.conf files (on debian based systems).