> >
> Actually, it is a rather OS dependent package and the rules for CentOS
> are difficult to write. That really doesn't belong on the fail2ban list
> either.
i have a basic fail2ban with tcp-wrappers & /etc/hosts.deny combo working. i couldnt get the iptables thing working properly.
> You don't need shorewall, just the standard CentOS firewall works fine.
> Just be sure to only enable iptables rules. I have rules working for
> several things. SSH attempts, Dovecot attempts and a rule to block based
> on my Spamhaus setup so that the same spammer doesn't keep loading up
> sendmail with DNS queries.
john, could u share your rules for the dovecot attempts?t