Answer the question
In order to leave comments, you need to log in
I
I
icell762020-09-18 10:37:13
icell76, 2020-09-18 10:37:13
Why does iptables(~fail2ban) falsely ban an IP?
I welcome everyone. There are problems on my dedicator. The iptables rules DROP certain client IPs. They don't do anything hacky. And the trick is that the rule to block a certain IP can be written 100 times. There are suspicions that fail2ban blocks. It is also possible to ban because a person connects to IP from different ports. There are no serious rules in iptables, so it should not be blocked. Is there any way to find out which rule bans?
1 answer(s)
@q2digger
D
Dmitry, 2020-09-18 @q2digger
fail2ban should write a log, depending on how the log is configured, it can write to its own /var/log/fail2ban.log or to the system /var/log/syslog
further, you need to check which client address is entered in jail.
what is the table in the firewall?
or look at jails, for example
[email protected]~ $ sudo fail2ban-client status
Status
|- Number of jail: 6
`- Jail list: dovecot, postfix, postfix-auth, postfix-dmitryg, roundcube, sshd
[email protected]~ $ sudo fail2ban-client get postfix banip
195.154.105.61 194.150.215.153 192.168.210.228 93.179.68.35 77.221.146.179 93.186.200.196 62.141.41.5 62.141.46.147 185.17.144.239 212.32.240.228 37.48.90.115 185.17.146.178 85.143.173.42 81.16.141.145
Similar questions
M
S
A
R
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question