--On Sunday, September 01, 2019 11:12 AM +0000 "STR ."
<[email protected]> wrote:
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban_root
-A f2b-sshd -s 90.35.99.248/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
-A fail2ban_root -p tcp -m tcp --dport 22 -j f2b-sshd
-A fail2ban_root -j RETURN
I'm a little surprised that the INPUT->root rule filters on port 22, which
duplicates the check in the root-sshd rule. Some kind of optimization, I
guess, to avoid hunting through the subchains for the match. That means the
INPUT->root rule has to match all ports that you've configured for f2b
matches.
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
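
An added example, not part of the original message or of fail2ban itself: a Python check that reads iptables-save style rules and reports any jail port that the INPUT jump never forwards to the dispatch chain, which is the constraint the reply describes. The `f2b-sshd-alt` chain and its port 2222 rule are constructed for illustration; the check looks only at destination ports and ignores protocol and negated matches.

```python
import shlex

# Rules from the post, plus one constructed jail on port 2222 (hypothetical).
RULES = """\
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban_root
-A f2b-sshd -s 90.35.99.248/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
-A fail2ban_root -p tcp -m tcp --dport 22 -j f2b-sshd
-A fail2ban_root -p tcp -m tcp --dport 2222 -j f2b-sshd-alt
-A fail2ban_root -j RETURN
"""

def parse_ports(spec):
    """Expand '22', '80,443' or '8000:8002' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition(":")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def parse_rules(text):
    """Return (chain, ports-or-None, target) per -A rule; None means any port."""
    out = []
    for line in text.splitlines():
        tok = shlex.split(line)
        if len(tok) < 2 or tok[0] != "-A" or "-j" not in tok:
            continue
        flag = next((f for f in ("--dport", "--dports") if f in tok), None)
        ports = parse_ports(tok[tok.index(flag) + 1]) if flag else None
        out.append((tok[1], ports, tok[tok.index("-j") + 1]))
    return out

def unreachable_ports(text, top="INPUT", dispatch="fail2ban_root"):
    """Map jail chain -> ports that the top-level jump never forwards."""
    rules = parse_rules(text)
    admitted = set()
    for chain, ports, target in rules:
        if chain == top and target == dispatch:
            if ports is None:
                return {}  # unrestricted jump: every port reaches dispatch
            admitted |= ports
    missing = {}
    for chain, ports, target in rules:
        if chain == dispatch and ports and target != "RETURN" and ports - admitted:
            missing[target] = sorted(ports - admitted)
    return missing

if __name__ == "__main__":
    print(unreachable_ports(RULES))
```

With the rules exactly as posted the result is empty; the constructed port 2222 jail is reported because the INPUT rule only forwards port 22.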