On Tue, 27 Jul 2021 at 17:17, Pete Biggs pete@biggs.org.uk wrote:
On Tue, 2021-07-27 at 16:43 -0400, H wrote:
Running CentOS 7. I was under the impression - seemingly mistaken - that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all attempts from that network segment to connect to the server, ie before fail2ban would (eventually) ban connection attempts.
This, however, does not seem correct and I could use a pointer to correct my misunderstanding. How is hosts.deny used and what have I missed?
hosts.deny is only used by specific programs that use TCP wrappers. It is not a general "deny this host access".
Also note that fail2ban operates on individual hosts, not subnets.
[I should have waited and read all my email before responding. Peter covered parts I did not.]