Hi, I'm receiving a ton of attempts to reach services on my network for hosts and/or services that don't exist, presumably in an attempt to compromise those services.
It's at the point where it's consuming a sizable amount of bandwidth. I've tried to write a fail2ban rule on the firewall, which also has shorewall installed, but it won't start because I don't have firewalld also running. Is it possible to use fail2ban without firewalld? I don't need firewalld running on a host where there is already shorewall running. firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports domain -m set --match-set fail2ban-firewall src -j REJECT --reject-with icmp-port-unreachable -- returned 252 2016-02-02 10:25:32,258 fail2ban.actions [23608]: ERROR Failed to start jail 'firewall' action 'firewallcmd-ipset': Error starting action Thanks, Alex ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
