For the whitelist to work you should specify: (space separate with quotes) ADAPTIVE_BAN_WHITELIST="10.30.2.0/24 209.62.1.2"
If from the command line you type: -- arno-iptables-firewall restart -- Does it come back with all rules applied? Lonnie On Oct 12, 2011, at 1:45 PM, Fernando Fuentes wrote: > Lonnie, > > ENABLED=1 > > ADAPTIVE_BAN_FILE="/var/log/messages" > > ADAPTIVE_BAN_TIME=120 > > ADAPTIVE_BAN_COUNT=6 > > ADAPTIVE_BAN_TYPES="sshd asterisk" > > ADAPTIVE_BAN_REJECT=0 > > ADAPTIVE_BAN_WHITELIST_INTERNAL=1 > > ADAPTIVE_BAN_WHITELIST=10.30.2.0/24 > ADAPTIVE_BAN_WHITELIST=209.62.1.2 > > Please do note that I also did " " in the ip's and had the same results. > > Thank You, > - > > On Wed, Oct 12, 2011 at 12:41 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com> > wrote: > Can you post your adaptive ban plugin settings? > > Lonnie > > On Oct 12, 2011, at 12:16 PM, Fernando Fuentes wrote: > > > I am now thinking this is a small bug in the current iptable's > > implementation "adaptive-ban". > > adaptive-ban is stuck in a loop looking for an IP that does not exist. > > Even though I have it white listed its still trying to look for it. This > > happen after a sip device that had the wrong authentication information and > > it was trying to auth aginst the server.. Even though the subnet is white > > listed the adaptive-ban still went crazy on it. The only solution at this > > point is a reboot which is not acceptable. > > > > Any thoughts or ideas on this issue? > > > > user.info firewall: adaptive-ban: /usr/sbin/iptables: (2) iptables v1.4.9: > > host/network `10.30.2.241:5060' not found Try `iptables -h' or 'iptables > > --help' for more information.I am now thinking this is a small bug in the > > current iptable's implementation "adaptive-ban". > > > > Thank You, > > - > > Fernando F. > > ------------------------------------------------------------------------------ > > All the data continuously generated in your IT infrastructure contains a > > definitive record of customers, application performance, security > > threats, fraudulent activity and more. Splunk takes this data and makes > > sense of it. Business sense. IT sense. Common sense. > > http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________ > > Astlinux-users mailing list > > Astlinux-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal to > > pay...@krisk.org. > > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure contains a > definitive record of customers, application performance, security > threats, fraudulent activity and more. Splunk takes this data and makes > sense of it. Business sense. IT sense. Common sense. > http://p.sf.net/sfu/splunk-d2d-oct > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure contains a > definitive record of customers, application performance, security > threats, fraudulent activity and more. Splunk takes this data and makes > sense of it. Business sense. IT sense. Common sense. > http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
