CentOS - Mar 2015 - Fail2Ban Centos 7 is there a trick to making it work?

Been working on fail2ban, and trying to make it work with plain Jane 
install of Centos 7

Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB 
of disk space. Very generic and vanilla.

Current available epel repo version is fail2ban-0.9.1

Looking at the log file, fail2ban starts and stops fine, there isn't 
output though showing any login attempts being restricted.

2015-03-09 12:54:37,930 fail2ban.server         [14805]: INFO    Stopping all
jails
2015-03-09 12:54:37,931 fail2ban.server         [14805]: INFO    Exiting
Fail2ban
2015-03-09 12:54:38,338 fail2ban.server         [16678]: INFO    Changed logging
target to /var/log/fail2ban.log for Fail2ban v0.9.1
2015-03-09 12:54:38,341 fail2ban.database       [16678]: INFO    Connected to
fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'

I copied jail.conf and added the edited jail.local to the directory 
/etc/fail2ban/

This is about as far as I have gotten with searches on how to configure 
with Centos 7.

Any help would be welcome. What am I missing?

john

On Mon, 9 Mar 2015, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane 
> install of Centos 7
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops fine, there isn't
output
> though showing any login attempts being restricted.
Here's the setup I use on CentOS 7 machines:

Packages:
* fail2ban-firewalld-0.9.1-2.el7.noarch
* fail2ban-server-0.9.1-2.el7.noarch
* ipset-6.19-4.el7.x86_64
* rsyslog-7.4.7-7.el7_0.x86_64

Basics of jail.local:

----- %< -----
# /etc/fail2ban/jail.local
[DEFAULT]
banaction = firewallcmd-ipset

[sshd]
enabled  = true
maxretry = 2

[sshd-ddos]
enabled  = true
maxretry = 2
----- %< -----

Once it's up and running, "sudo ipset list" will give you the
status
of IP addresses associated with each ban rule.

-- 
Paul Heinlein
heinlein at madboa.com
45?38' N, 122?6' W