Lonnie,
ENABLED=1
ADAPTIVE_BAN_FILE="/var/log/messages"
ADAPTIVE_BAN_TIME=120
ADAPTIVE_BAN_COUNT=6
ADAPTIVE_BAN_TYPES="sshd asterisk"
ADAPTIVE_BAN_REJECT=0
ADAPTIVE_BAN_WHITELIST_INTERNAL=1
ADAPTIVE_BAN_WHITELIST=10.30.2.0/24
ADAPTIVE_BAN_WHITELIST=209.62.1.2
Please do note that I also did " " in the ip's and had the same results.
Thank You,
-
On Wed, Oct 12, 2011 at 12:41 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com
> wrote:
> Can you post your adaptive ban plugin settings?
>
> Lonnie
>
> On Oct 12, 2011, at 12:16 PM, Fernando Fuentes wrote:
>
> > I am now thinking this is a small bug in the current iptable's
> implementation "adaptive-ban".
> > adaptive-ban is stuck in a loop looking for an IP that does not exist.
> > Even though I have it white listed its still trying to look for it. This
> happen after a sip device that had the wrong authentication information and
> it was trying to auth aginst the server.. Even though the subnet is white
> listed the adaptive-ban still went crazy on it. The only solution at this
> point is a reboot which is not acceptable.
> >
> > Any thoughts or ideas on this issue?
> >
> > user.info firewall: adaptive-ban: /usr/sbin/iptables: (2) iptables
> v1.4.9: host/network `10.30.2.241:5060' not found Try `iptables -h' or
> 'iptables --help' for more information.I am now thinking this is a small bug
> in the current iptable's implementation "adaptive-ban".
> >
> > Thank You,
> > -
> > Fernando F.
> >
> ------------------------------------------------------------------------------
> > All the data continuously generated in your IT infrastructure contains a
> > definitive record of customers, application performance, security
> > threats, fraudulent activity and more. Splunk takes this data and makes
> > sense of it. Business sense. IT sense. Common sense.
> >
> http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________
> > Astlinux-users mailing list
> > Astlinux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
