2 Mar
2009
2 Mar
'09
2:53 a.m.
Actually, it is a rather OS dependent package and the rules for CentOS are difficult to write. That really doesn't belong on the fail2ban list either.
i have a basic fail2ban with tcp-wrappers & /etc/hosts.deny combo working. i couldnt get the iptables thing working properly.
You don't need shorewall, just the standard CentOS firewall works fine. Just be sure to only enable iptables rules. I have rules working for several things. SSH attempts, Dovecot attempts and a rule to block based on my Spamhaus setup so that the same spammer doesn't keep loading up sendmail with DNS queries.
john, could u share your rules for the dovecot attempts?t