On Mon, 23 Sep 2013, Fabian Greffrath wrote: > thanks for your prompt reply!
> Am Montag, den 23.09.2013, 09:07 -0400 schrieb Yaroslav Halchenko: > > we are working on the features which would occur in some 0.9.x release > > which would make it configurable out-of-the-box, but meanwhile you can > > just easily create an augmented action file where you would have > > customized iptables call with /XX to ban whatever big subnet you like. > So you mean that I should just add /24 to the <ip> placeholder in the > actionban line in /etc/fail2ban/action.d/iptables-multiport.conf ? yes! but better not modify existing one but copy to a new one, modify and then adjust your banaction in jail.local, e.g. > cat /etc/fail2ban/jail.local [DEFAULT] banaction = iptables-multiport24 smth like that ;) -- Yaroslav O. Halchenko, Ph.D. http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Senior Research Associate, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
