On Tue, 27 Jul 2021 at 17:17, Pete Biggs <pete at biggs.org.uk> wrote: > > On Tue, 2021-07-27 at 16:43 -0400, H wrote: > > > Running CentOS 7. I was under the impression - seemingly mistaken - > > > that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* > > > would ban all attempts from that network segment to connect to the > > > server, ie before fail2ban would (eventually) ban connection > > > attempts. > > > > This, however, does not seem correct and I could use a pointer to > > correct my misunderstanding. How is hosts.deny used and what have I > > missed? > > hosts.deny is only used by specific programs that use TCP wrappers. It > is not a general "deny this host access". > > Also note that fail2ban operates on individual hosts, not subnets. > [I should have waited and read all my email before responding. Peter covered parts I did not.] -- Stephen J Smoogen. I've seen things you people wouldn't believe. Flame wars in sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law. All those moments will be lost in time... like posts on BBS... time to reboot.