On Mon, Apr 20, 2015 at 02:57:36PM +, Peter Berghold wrote:
> I'm using the Puppet Labs firewall module and I noticed much to my
> chagrin that when the agent runs and applies rules it undoes all the
> work that fail2ban did.
I have the following:
firewallchain { 'INPUT:filter:IPv4':
pu
Have a look at pam_shield. It can protect any services that use PAM for
authentication (i.e. ssh, authenticated mail, but not web). It can use
either null-routing or iptables rules for blocking. If you set it to use
null-routing then it doesn't interfere with puppetlabs/firewall - we are
using
Hi,
Ah indeed, I misread the puppetlabs-denyhosts module. I had a look at the
DenyHosts project but that seems limited to SSH alone. My fail2ban has
rules that scan logs of our web servers, mail etc.
--
Daniele Sluijters
On Wednesday, 30 October 2013 01:39:56 UTC+1, Don Hoffman wrote:
>
> On
On reading your message, I think you are perhaps confusing the static Linux
/etc/host.deny mechanism with the DenyHosts project. See
http://denyhosts.sourceforg.net
Don
On Oct 29, 2013, at 5:32 PM, Donald Hoffman wrote:
> On Oct 29, 2013, at 12:00 PM, Daniele Sluijters
> wrote:
>
>> Hi,
On Oct 29, 2013, at 12:00 PM, Daniele Sluijters
wrote:
> Hi,
>
> DenyHosts is not an option for me since I can't predict which hosts will be
> connecting from the outside. Fail2ban solves that issue by looking for odd
> behaviour instead of asking me to whitelist.
>
> Thanks for the suggesti
Hi,
DenyHosts is not an option for me since I can't predict which hosts will be
connecting from the outside. Fail2ban solves that issue by looking for odd
behaviour instead of asking me to whitelist.
Thanks for the suggestion though,
--
Daniele Sluijters
On Tuesday, 29 October 2013 18:22:04
On Oct 29, 2013, at 8:41 AM, Daniele Sluijters
wrote:
> Hello,
>
> A while back I wanted to switch our home-brewed iptables module to the
> puppetlabs/firewall module but I couldn't figure out
> how to tell puppetlabs/firewall to leave the fail2ban chains alone.
>
> I was curious if someone
