On 5/19/19 9:51 AM, Steven Barthen wrote: > Hello > Thanks for you effort. > > As you can see, there are already lots of IPs on the list - i hope that > list is getting less soon. > Many of the IPs on the blacklist are still somehow, connecting to the server > > Is there some timeout on the dynamic blacklist ? How can I avoid bans > are dropped automatically? >
There is no timeout, unless you use an ipset with a timeout. The problem here is that Shorewall blacklisting doesn't protect services handled by Docker. Since you are letting Docker handle SSH, blacklisting isn't effective. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
