Hi @all,
i want to ban imap-Logins.
I am using the standard-Fail2ban Configuration.
2018-07-31 23:31:42,152 fail2ban.action [2926]: ERROR iptables
-w -N f2b-courier-auth
iptables -w -A f2b-courier-auth -j RETURN
iptables -w -I INPUT -p tcp -m multiport --dports
smtp,465,submission,imap3,imaps,pop3,pop3s -j f2b-courier-auth -- returned 2
2018-07-31 23:31:42,153 fail2ban.actions [2926]: ERROR Failed
to execute ban jail 'courier-auth' action 'iptables-multiport' info
'CallingMap({'ip': '183.214.236.76', 'ipmatches': <function
Actions.__checkBan.<locals>.<lambda> at 0xb69dc614>, 'ipjailmatches':
<function Actions.__checkBan.<locals>.<lambda> at 0xb69dc5cc>, 'time':
1533072701.5310807, 'failures': 1, 'ipfailures': <function
Actions.__checkBan.<locals>.<lambda> at 0xb69dc584>, 'ipjailfailures':
<function Actions.__checkBan.<locals>.<lambda> at 0xb69dc53c>,
'matches': 'Jul 31 23:04:26 debian imapd: LOGIN FAILED,
user=sebastian_20170228001223_112.211.5.38_holm.er...@glaube-mein-navi.de,
ip=[::ffff:183.214.236.76]'})': Error starting action
I think Fail2ban is unable to extract the IP Adress.
The Login in the mail.log is for example:
Jul 31 23:44:52 debian imapd: LOGIN FAILED, user=xxxxxxxxxxx,
ip=[::ffff:31.29.123.119]
What is wrong?
Tnx
Sebastian
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
