reopen 373592 !
thanks
Heya,
somehow I didn't try to block several ports until now, so I didn't
figure out that it just doesn't work.
For example:
from jail.conf:

    [sasl]
    enabled = true
    port = smtp,465,587,143,993,110,995,2000
    filter = sasl
    logpath = /var/log/mail.log

from action.d/iptables.conf:

    actionstart = iptables -N fail2ban-<name>
                  iptables -A fail2ban-<name> -j RETURN
                  iptables -I FAIL2BAN -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
    actionstop = iptables -D FAIL2BAN -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
                 iptables -F fail2ban-<name>
                 iptables -X fail2ban-<name>

the resulting rule is:

    0 [EMAIL PROTECTED]:/etc/fail2ban# iptables -nL | grep sasl
    fail2ban-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
    Chain fail2ban-sasl (1 references)

Obviously the problem here is that the config option is split at the
commas, and only the first value is used. Unfortunately I didn't find
the place where this happens, and I don't have the time to read through
the whole code now.
Therefore, it's my wish again to have a well working support for
multiple ports in fail2ban, I'd prefer without using the multipath
module. Adding/deleting several rules in case that there's a list of
ports given should not be a big problem.
Otherwise fail2ban works very well for me.
Cheers,
Bernd
--
Bernd Zeimetz
<[EMAIL PROTECTED]> <http://bzed.de/>
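
The per-port expansion asked for above, as an added example (not part of the original report and not fail2ban's own code): it splits the jail's port option at the commas, rejects anything that is not a port number or service name, and emits one plain --dport rule per entry instead of a multiport match. The function names, the rule template and the service-name pattern are assumptions made for illustration.

```python
import re

# Constructed sample values, taken from the jail and action quoted in the report.
PORT_OPTION = "smtp,465,587,143,993,110,995,2000"
# Hypothetical template: the report's rule without "-m multiport --dports".
RULE_TEMPLATE = "iptables {op} FAIL2BAN -p {protocol} --dport {port} -j fail2ban-{name}"

# Assumed shape of a service name such as "smtp" or "imaps".
_SERVICE_RE = re.compile(r"^[a-z][a-z0-9-]{0,14}$")


def parse_ports(option):
    """Split a jail 'port' option into validated, de-duplicated entries."""
    ports = []
    for raw in option.split(","):
        entry = raw.strip().lower()
        if not entry:
            continue  # tolerate "25,,587" and trailing commas
        if entry.isdigit():
            if not 1 <= int(entry) <= 65535:
                raise ValueError("port out of range: %r" % entry)
            entry = str(int(entry))  # normalise "025" to "25"
        elif not _SERVICE_RE.match(entry):
            # Refuse anything else before it reaches a command line.
            raise ValueError("not a port number or service name: %r" % entry)
        if entry not in ports:
            ports.append(entry)
    if not ports:
        raise ValueError("empty port list")
    return ports


def expand_rules(op, name, protocol, option):
    """Return one iptables command per port; op is '-I' (start) or '-D' (stop)."""
    if op not in ("-I", "-D"):
        raise ValueError("unsupported operation: %r" % op)
    return [
        RULE_TEMPLATE.format(op=op, protocol=protocol, port=port, name=name)
        for port in parse_ports(option)
    ]


if __name__ == "__main__":
    for line in expand_rules("-I", "sasl", "tcp", PORT_OPTION):
        print(line)
```

Calling expand_rules with "-D" and the same arguments yields the matching delete commands, so every rule added at start is removed again at stop.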