Hello, Finn.
Maybe I have an issue with my version ?
Here what I have when I use fail2ban with nftables:
==
fail2ban-client set sshd banip 12.34.56.78
fail2ban-client set sshd banip 12.34.56.79
fail2ban-client set sshd banip 12
Hi again André.
Sorry of course, sets needs to be created separately.
But fail2ban uses sets !! when more ip's are coming in it happens
automatically.
example from my current nft list ruleset :
table inet f2b-table {
set addr-set-spamdyke {
type ipv4_addr
On Sat, 2022-12-03 at 21:45 +0100, fail2ban--- via Fail2ban-users wrote:
> Hi Andre.
>
> Why the distinguishing between ipv4 and ipv6 in our script when inet
> sets up firewall for both in one line ? (the nice thing about nft)
>
> Regards,
> Finn
Thanks for the question, Finn.
I use nftables s
Hi Andre.
Why the distinguishing between ipv4 and ipv6 in our script when inet
sets up firewall for both in one line ? (the nice thing about nft)
Regards,
Finn
Den 03-12-2022 kl. 20:02 skrev Andre Rodier:
Hello,
I wanted to use fail2ban with nftables, and I was surprise by the tool, not
re
Hello,
I wanted to use fail2ban with nftables, and I was surprise by the tool, not
really using nftables features, like sets,
for instance.
I had a look at the configuration, and I ended up using a simple wrapper
script, to keep the configuration file
readable.
