I have fail2ban install protecting my vsftpd server. Occasionally someone tries to get in and a hostname instead of an IP is shown in the secure log. This pretty much gets ignored by fail2ban and the person is allowed to keep trying. Is there a way I can make fail2ban resolved this hostnames or add the hostnames themselves to iptables?
Example, this was in my /var/log/secure 118 times this morning:
Feb 15 09:35:44 bighat vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user Administrator
Feb 15 09:35:50 bighat vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Feb 15 09:35:50 bighat vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=Administrator rhost=bluesponge.com