On 7/2/20 3:45 PM, Steve Murphy wrote:
We've been having mysterious non-blockages of attacking sites, where
the site was banned in iptables by fail2ban,
but sliding thru the iptables and being "ACCEPT"-ed. The cause? At
least, on CentOS6, where this happens, the connection
tracking isn't working so hot. SO.... what we do is turn off
connection tracking for that IP, and it then all works as expected.
In fact, I don't even know if fail2ban is actually banning the IP,
because it says "IP is already banned".
Yassine.
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
