On Monday 29 April 2019 17:21:54 Gordon Messmer wrote:
> On 4/29/19 1:44 AM, Gary Stainburn wrote:
> > and the lines are still appearing. Here is my jail.local. (I did also try
> > directly editing jail.conf to update the port commands).
> >
> >
> > [exim]
> > port= 0:65535
>
>
> If that's
On 4/29/19 1:44 AM, Gary Stainburn wrote:
and the lines are still appearing. Here is my jail.local. (I did also try
directly editing jail.conf to update the port commands).
[exim]
port= 0:65535
If that's all that's in jail.local, then the jail shouldn't be enabled.
They're off by
On Monday 29 April 2019 02:21:05 Gordon Messmer wrote:
> That's one approach. I believe that you could modify fewer files by
> setting "port = 0:65535" in your definition in "jail.local" and not
> install firewallcmd-ipset.local.
I have just tried this, and re-started fail2ban. It does not
On 4/26/19 3:50 AM, Gary Stainburn wrote:
I can't remember the other one. I have removed all of the manual amendments so
am now basically set up as initially installed.
This is my process for fail2ban:
1: "yum install fail2ban" This installs fail2ban and fail2ban-firewalld.
2: install
På Sun, 28 Apr 2019 12:59:59 +0100
Pete Biggs skrev:
> > >
> > > /var/log/fail2ban.log is showing that it's working:
> >
> > I have seem similar odd behaviour with f2b with other filters.
> > Try to uninstall the package
> > fail2ban-systemd
> > and stop and start fail2ban again.
> > This
> >
> > /var/log/fail2ban.log is showing that it's working:
>
> I have seem similar odd behaviour with f2b with other filters.
> Try to uninstall the package
> fail2ban-systemd
> and stop and start fail2ban again.
> This might change its behavior to the better.
>
The fail2ban-systemd
På Fri, 26 Apr 2019 11:50:47 +0100
Gary Stainburn
skrev:
> On Friday 19 April 2019 16:15:32 Kenneth Porter wrote:
> > On 4/19/2019 5:30 AM, Gary Stainburn wrote:
> > > I've followed one of the pages on line specifically for
> > > installing fail2ban on Centos 7 and all looks fine.
> >
> >
On Friday 26 April 2019 14:54:43 Pete Biggs wrote:
>
> >
> > I did wonder that myself. I have now amended to Dovecot definition in
> > jail.conf to:
> >
> > [dovecot]
> >
> > port= pop3,pop3s,imap,imaps,submission,sieve,25,1025,465,587
> > logpath = %(dovecot_log)s
> > backend =
>
> I did wonder that myself. I have now amended to Dovecot definition in
> jail.conf to:
>
> [dovecot]
>
> port= pop3,pop3s,imap,imaps,submission,sieve,25,1025,465,587
> logpath = %(dovecot_log)s
> backend = %(dovecot_backend)s
>
> I then unbanned and banned each IP address manually
On Saturday 20 April 2019 00:32:43 Pete Biggs wrote:
> What ban action do you use? If it's something like iptables-multiport,
> then I wonder if the fact that it's detecting the failures as
> '[dovecot]' means that it's using the dovecot ports, not the exim
> ports, when applying the iptable
>
> 2019-04-26 11:43:23,603 fail2ban.filter [7853]: INFO [dovecot] Found
> 185.36.81.165
> 2019-04-26 11:43:24,016 fail2ban.actions [7853]: NOTICE [dovecot]
> 185.36.81.165 already banned
> 2019-04-26 11:44:09,734 fail2ban.filter [7853]: INFO [dovecot] Found
> 45.227.253.100
> 2019-04-26
On Friday 19 April 2019 16:15:32 Kenneth Porter wrote:
> On 4/19/2019 5:30 AM, Gary Stainburn wrote:
> > I've followed one of the pages on line specifically for installing fail2ban
> > on
> > Centos 7 and all looks fine.
>
> Which page? It would help to see what they advised.
> On Friday 19
>
> The event that triggers the ban does complete as normal, which is what I
> would
> expect as the ban is triggered by the log entry which is *after* the failed
> attempt.
>
> However, after the /var/log/fail2ban.log showed the IP as banned, I continue
> to see entries in
On 4/19/2019 5:30 AM, Gary Stainburn wrote:
I've followed one of the pages on line specifically for installing fail2ban on
Centos 7 and all looks fine.
Which page? It would help to see what they advised.
___
CentOS mailing list
CentOS@centos.org
I find csf/lfd much easier to configure and can be used in combination with
fail2ban.
Gary Stainburn wrote:
>I've followed one of the pages on line specifically for installing fail2ban on
>Centos 7 and all looks fine.
>
>I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested
On Friday 19 April 2019 15:19:26 Pete Biggs wrote:
> > I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested
> > on another page:
>
> The standard exim.conf already has a 535 filter. Was that not working
> for you?
I was following the instructions as shown on the page. I did
> I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
> another page:
The standard exim.conf already has a 535 filter. Was that not working
for you?
>
>\[\]: 535 Incorrect authentication data
>
> which appears to be successfully matchnig lines in
I've followed one of the pages on line specifically for installing fail2ban on
Centos 7 and all looks fine.
I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
another page:
\[\]: 535 Incorrect authentication data
which appears to be successfully matchnig lines
18 matches
Mail list logo
