From: Nick H. <ni...@ho...> - 2021-05-03 07:06:36

I think you have to use "conntrack" to dump existing connections from the firewall.

On 03/05/2021 01:57, Kenneth Porter wrote:
>
> --On Sunday, May 02, 2021 6:57 PM -0400 Clive Jacques
> <wes...@gm...> wrote:
>
>> fail2ban notices the failures and
>> bans the offending IP in sendmail-reject and shortly thereafter in
>> recidive, but the established connection is not dumped and they keep
>> testing user names.
>
> What action are you using? Which firewall? What version/package of
> fail2ban and OS?
>
> A known issue with some versions of firewalld was that only new
> connections were banned.
>
> I suggest using iptables-save to dump your firewall rules to a file,
> posting it on a pastebin site, and sharing the pastebin link here for
> review. The pastebin means you can delete the file so it won't be
> archived in the list archives, and it won't result in a huge mailing
> list message.
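
Added example, not part of the original messages or of fail2ban itself: a small shell helper that removes connection-tracking entries for an address that has just been banned, so an already established session stops matching the firewall's ESTABLISHED rule. The function names and the `DRY_RUN` switch are assumptions made for this sketch; `conntrack -D -f <family> -s <address>` is the delete command from conntrack-tools.

```shell
#!/bin/sh
# Added example: flush conntrack entries for a freshly banned address.
# ip_family, drop_tracked and DRY_RUN are hypothetical names for this sketch.

# Print "ipv4" or "ipv6" for a plausible address literal, fail otherwise.
# The strict character whitelist keeps a log-derived value from being
# interpreted as an option or carrying shell metacharacters.
ip_family() {
    case "$1" in
        ''|-*|*[!0-9a-fA-F:.]*) return 1 ;;
        *:*) echo ipv6 ;;
        *.*.*.*)
            case "$1" in
                *[!0-9.]*) return 1 ;;
                *) echo ipv4 ;;
            esac ;;
        *) return 1 ;;
    esac
}

# Delete tracked flows whose original source is the banned address, i.e.
# connections that host initiated towards this machine.
# With DRY_RUN=1 (the default here) the command is printed, not executed.
drop_tracked() {
    fam=$(ip_family "$1") || {
        echo "refusing: not an IP literal: $1" >&2
        return 2
    }
    set -- conntrack -D -f "$fam" -s "$1"
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "$*"
    else
        # conntrack exits non-zero when no entry matched; for a ban action
        # that is not a failure, so do not propagate it to the caller.
        "$@" || true
    fi
}
```

One way to wire this in, as an assumption about the local setup, is to call `drop_tracked` with `DRY_RUN=0` from the jail action's `actionban` after the block rule has been added, passing fail2ban's `<ip>` tag. It needs root and the conntrack-tools package.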