Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-04 Thread Andre Rodier
On 04/12/2022 13:25, fail2ban--- via Fail2ban-users wrote: Hi again André. I think You're using Fail2ban as a frontend to create nft rulesets ? I made the choice to delegate their creation to fail2ban, the first time it needs them. Otherwise, I could create them initially in the firewall r

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-04 Thread fail2ban--- via Fail2ban-users
Hi again André. I think You're using Fail2ban as a frontend to create nft rulesets ? That's not the purpose of Fail2ban - Fail2ban is a program/Python script that, configured correctly, starts up at boot time and keeps running in the background monitoring Your specified logfiles. When doing th

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-04 Thread fail2ban--- via Fail2ban-users
Hello André. Question: are You having fail2ban running monitoring Your logfiles ? if, I wonder why You will use fail2ban-client! Back to Your response Well I think You got something wrong here. The 'set' command You're using in Your example are the fail2ban-client way of saying 'create' a

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-03 Thread Andre Rodier
Hello, Finn. Maybe I have an issue with my version ? Here is what I have when I use fail2ban with nftables: == fail2ban-client set sshd banip 12.34.56.78 fail2ban-client set sshd banip 12.34.56.79 fail2ban-client set sshd banip 12

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-03 Thread fail2ban--- via Fail2ban-users
Hi again André. Sorry of course, sets need to be created separately. But fail2ban uses sets !! when more IPs are coming in it happens automatically. example from my current nft list ruleset : table inet f2b-table { set addr-set-spamdyke { type ipv4_addr

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-03 Thread Andre Rodier
On Sat, 2022-12-03 at 21:45 +0100, fail2ban--- via Fail2ban-users wrote: > Hi Andre. > > Why the distinguishing between ipv4 and ipv6 in our script when inet > sets up firewall for both in one line ? (the nice thing about nft) > > Regards, > Finn Thanks for the question, Finn. I use nftables s

Re: [Fail2ban-users] Using fail2ban with nftables

2022-12-03 Thread fail2ban--- via Fail2ban-users
Hi Andre. Why the distinguishing between ipv4 and ipv6 in our script when inet sets up firewall for both in one line ? (the nice thing about nft) Regards, Finn On 03-12-2022 at 20:02, Andre Rodier wrote: Hello, I wanted to use fail2ban with nftables, and I was surprised by the tool, not re

[Fail2ban-users] Using fail2ban with nftables

2022-12-03 Thread Andre Rodier
Hello, I wanted to use fail2ban with nftables, and I was surprised by the tool, not really using nftables features, like sets, for instance. I had a look at the configuration, and I ended up using a simple wrapper script, to keep the configuration file readable.