'Re: [Fail2ban-users] whitelist just myself'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fail2ban-users
Subject:    Re: [Fail2ban-users] whitelist just myself
From:       Darac Marjal <mailinglist () darac ! org ! uk>
Date:       2016-07-26 13:50:16
Message-ID: 20160726135016.GA10943 () darac ! org ! uk
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Tue, Jul 26, 2016 at 02:56:01AM -0700, thufir wrote:
>Brand new gcloud Linux instance.  New to fail2ban, I want to block
>anyone except myself, across the board.  If I whitelist with:
>
>
>
>Whitelisting is setup in the jail.conf file using a space separated list.
>
>[DEFAULT]
># "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban
>will not
># ban a host which matches an address in this list. Several addresses
>can be
># defined using space separator.
>
>ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
>
>
>
>http://www.fail2ban.org/wiki/index.php/Whitelist
>
>
>
>and input my public IP, how can I then blacklist everyone else?
>Temporarily until I further understand fail2ban.

AFAIK, Fail2ban considers any IP which is NOT in the whitelist to be 
fair game for blocking. It doesn't support a blacklist, per se (that is, 
there is no way to say "These IPs must always be blocked"), because 
that's what your firewall is for. Fail2ban works WITH your firewall, 
adding TEMPORARY blocks for clients which repeatedly fail. If you want 
to permanently block an IP, do so through your usual firewall 
configuration.

>
>
>thanks,
>Thufir
>
>------------------------------------------------------------------------------
>What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
>patterns at an interface-level. Reveals which users, apps, and protocols are
>consuming the most bandwidth. Provides multi-vendor support for NetFlow,
>J-Flow, sFlow and other flows. Make informed decisions using capacity planning
>reports.http://sdm.link/zohodev2dev
>_______________________________________________
>Fail2ban-users mailing list
>Fail2ban-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/fail2ban-users

-- 
For more information, please reread.

["signature.asc" (application/pgp-signature)]

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.http://sdm.link/zohodev2dev

_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic