Hi All, I'm trying to modify the default netfilter ban action from "reject with icmp port-unreachable" to jumping to a custom chain - to have the kernel to log dropped packets - which with iptables is possible with placeing "[Init] <nl> blocktype = <target>" in action.d/iptables-common.local. This does not work for nftables using nftables-common.local, at least when using "banaction = nftables[type=multiport]".
Having [ https://www.google.com/search?q=fail2ban+jump+to+custom+nft+chain | browsed the net ] have not provided useful clues yet. Any ideas? Thank you very much, Lars
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
