you can use config shipped within fail2ban.conf.shorewall which will use
shorewall to ban/unban, so everything will be very clean (though it
seems now that config doesn't instruct for specific ports to be dropped
:-/) now rules are
fwban = shorewall drop <ip>
fwunban = shorewall allow <ip>
but even if you use iptables directly (default behaviour), I think
that if you restart shorewall it might wipe out all fail2ban rules.
fail2ban will reinit its rules as soon as any fwcheck fails, so no
biggie as fail2ban concern
On Thu, 01 Jun 2006, Chris Withers wrote:
> Hi All,
> Should I expect any negative interactions between Shorewall and fail2ban?
> cheers,
> Chris
--
.-.
=------------------------------ /v\ ----------------------------=
Keep in touch // \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko /( )\ ICQ#: 60653192
Linux User ^^-^^ [175555]
|
