[CentOS] iptables - how to block established connections with fail2ban?
MRob
mrobti at insiberia.net
Wed Jun 26 06:41:15 UTC 2019
I am working on a CentOS 6 server with a nonstandard iptables setup, without a rule to ACCEPT ESTABLISHED connections. All tables and chains are empty (flushed by a legacy custom script), so only the filter/INPUT chain has rules (plus the fail2ban chain):

    Chain INPUT (policy ACCEPT)
    target       prot opt source               destination
    f2b-postfix  tcp  --  0.0.0.0/0            0.0.0.0/0
    ACCEPT       all  --  192.168.0.0/16       0.0.0.0/0
    ACCEPT       all  --  127.0.0.0/8          0.0.0.0/0
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:587
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:993
    ACCEPT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:995
    DROP         tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02

    Chain f2b-postfix (1 references)
    target       prot opt source               destination
    REJECT       all  --  200.23.235.30        0.0.0.0/0           reject-with icmp-port-unreachable
    REJECT       all  --  177.11.167.57        0.0.0.0/0           reject-with icmp-port-unreachable
    RETURN       all  --  0.0.0.0/0            0.0.0.0/0

When fail2ban blocks an IP address, established connections are allowed to continue, but with no rule to accept established connections, how is that possible? Why doesn't the first f2b rule block established connections?
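The chains from the post, walked top to bottom for a few packets the way netfilter would. This is an added example, not code from the post or from fail2ban or iptables; it models only the rules listed above (no conntrack anywhere, exactly as listed), and the client address 203.0.113.9 is a constructed documentation address.

```python
import ipaddress

SYN, ACK = 0x02, 0x10  # TCP flag bits; "flags:0x17/0x02" = SYN set, ACK/FIN/RST clear

# Rules transcribed from the post: (target, proto, source, tcp dport, (flag mask, flag value))
INPUT = [
    ("f2b-postfix", "tcp", "0.0.0.0/0", None, None),
    ("ACCEPT", "all", "192.168.0.0/16", None, None),
    ("ACCEPT", "all", "127.0.0.0/8", None, None),
    *[("ACCEPT", "tcp", "0.0.0.0/0", p, None) for p in (22, 25, 80, 443, 587, 993, 995)],
    ("DROP", "tcp", "0.0.0.0/0", None, (0x17, 0x02)),  # only bare SYNs are dropped
]
F2B_POSTFIX = [
    ("REJECT", "all", "200.23.235.30/32", None, None),
    ("REJECT", "all", "177.11.167.57/32", None, None),
    ("RETURN", "all", "0.0.0.0/0", None, None),
]
CHAINS = {"INPUT": INPUT, "f2b-postfix": F2B_POSTFIX}
POLICY = "ACCEPT"  # "Chain INPUT (policy ACCEPT)"; no state/conntrack match exists in the listing

def matches(rule, pkt):
    _, proto, src, dport, flags = rule  # pkt = {"src", "proto", "dport", "flags"}
    if proto != "all" and proto != pkt["proto"]:
        return False
    if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(src):
        return False
    if dport is not None and pkt.get("dport") != dport:
        return False
    return flags is None or (pkt.get("flags", 0) & flags[0]) == flags[1]

def verdict(pkt, chain="INPUT"):
    """Walk the chain in order as netfilter does; return (target, rule that decided)."""
    for i, rule in enumerate(CHAINS[chain], 1):
        if not matches(rule, pkt):
            continue
        target = rule[0]
        if target == "RETURN":
            break                        # resume at the caller's next rule
        if target in CHAINS:             # jump into a user-defined chain
            decided = verdict(pkt, target)
            if decided:
                return decided
            continue
        return target, f"{chain}#{i}"
    return (POLICY, "INPUT policy") if chain == "INPUT" else None

if __name__ == "__main__":
    # Constructed packet: a banned host's mid-connection ACK to port 25 is decided by f2b-postfix#1
    pkt = {"src": "200.23.235.30", "proto": "tcp", "dport": 25, "flags": ACK}
    print(verdict(pkt))  # ('REJECT', 'f2b-postfix#1')
```

With these rules the banned host's packet is rejected at f2b-postfix#1 whether or not the connection was already established, because nothing in the listing consults connection state; the only state-like behaviour is the final DROP, which matches bare SYNs, so non-SYN packets to ports not listed fall through to the ACCEPT policy.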