On 08/09/2023 19:50, Tim Boneko via Fail2ban-users wrote:
Am Freitag, dem 08.09.2023 um 15:42 +0200 schrieb lejeczek via
how can that be?
Hello L.!
Welcome to the list! We can help you more specific with more specific
information. That IP address is from the 10.x.x.x range which is not
resolved by public DNS. What does
grep "Ban" /var/log/fail2ban.log
say? (This is the default log file in Debian. Don't know about yours.)
If you ping that address, do you get replies?
Cheers,
tim
Hi. It looks to me like a bug.
Fiddling with with _fail2ban_ in "official" manner did
nothing - those IPs would not show up in _fail2ban_
One system would present really clear-cut case - zero bans,
as it should, as was expected from it, yet it had lots of
"old" firewalld's '---direct' rules from the time it should
have had it.
It looks like _fail2ban_ did not pick, ignore those?
I had to manually, for each fail2ban's chain:
-> $ firewall-cmd --direct --remove-rules ipv4 filter
f2b-sshd --permanent
that was really only "fix" for this issue.
Otherwise _fail2ban_ seems to render new bans okey.
I wonder if there is/was an urgent issue there, at least on
Centos 9 package/binaries - anybody here on c9s?
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
