'Re: [Fail2ban-users] CentOS Question'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fail2ban-users
Subject:    Re: [Fail2ban-users] CentOS Question
From:       Nick Howitt <nick () howitts ! co ! uk>
Date:       2016-07-11 18:11:33
Message-ID: a04fae9d-0eb9-7f89-2c79-0408cf2a3fd5 () howitts ! co ! uk
[Download RAW message or body]

iptables should show the ipset set name that the rule is using. I don't 
use ipset with f2b, but here is a snippet from iptables -nvL from my 
machine:

    Chain INPUT (policy DROP 4 packets, 500 bytes)
      pkts bytes target     prot opt in     out source              
    destination
         0     0 ET_BLACK   udp  --  *      * 0.0.0.0/0           
    0.0.0.0/0           match-set blacklistnet src state NEW multiport
    dports 1194,51413
         0     0 ET_BLACK   tcp  --  *      * 0.0.0.0/0           
    0.0.0.0/0           match-set blacklistnet src state NEW tcp dpt:!25
         0     0 ET_BLACK   udp  --  *      * 0.0.0.0/0           
    0.0.0.0/0           match-set blacklist src state NEW
         0     0 ET_BLACK   tcp  --  *      * 0.0.0.0/0           
    0.0.0.0/0           match-set blacklist src state NEW tcp dpt:!25
         0     0 ET_BLOCK   udp  --  *      * 0.0.0.0/0           
    0.0.0.0/0           match-set blocklist src state NEW
    etc

You can clearly see the set name e.g. blacklistnet.

Then, in my case the command "ipset list blacklist" will show all the 
IP's in the blacklist. Google "man ipset" for more commands.

Nick


On 11/07/2016 17:53, Kenneth Porter wrote:
> --On Monday, July 11, 2016 1:23 PM +0200 "Günther J. Niederwimmer"
> <gjn@gjn.priv.at> wrote:
>
>> in my /etc/fail2ban/jail.d/local.conf the
>>
>> banaction = firewallcmd-ipset
>>
>> but I mean this is not working after update to 7.2 ?
>> With CentOS 7 I found all the blocked IPs with
>>
>> iptables -L -n
>>
>> but now nothing ?
> I haven't yet used iptables together with ipset. Does "iptables -L" show
> the contents of the ipsets that it uses? Try using the ipset utility to
> list the ipsets.
>
>
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic