[CentOS] faI2ban detecting and banning but nothing happens
Pete Biggs
pete at biggs.org.uk
Fri Apr 19 23:32:43 UTC 2019
>
> The event that triggers the ban does complete as normal, which is what I would
> expect as the ban is triggered by the log entry which is *after* the failed
> attempt.
>
> However, after the /var/log/fail2ban.log showed the IP as banned, I continue
> to see entries in /var/log/exim/main.log
What ban action do you use? If it's something like iptables-multiport,
then I wonder if the fact that it's detecting the failures as
'[dovecot]' means that it's using the dovecot ports, not the exim
ports, when applying the iptable rule.
When a host has been banned, can you look at the iptables rules to see
what is actually being applied.
P.
More information about the CentOS
mailing list