On Sat, 28 Aug 2010, Ralph Katz wrote:
> Yarik, prior to filing the bug, I found nothing in man fail2ban-client
> and fail2ban-server about ports.
because those beasts are just work bees which have no clue about ports
or anything like that ;)
> Even with your reply, I had to consult
> a linux sys admin to understand that the port needed to be changed in
> /etc/fail2ban/action.d/iptables-multiport.conf .
nope -- wrong location... see below
> I should have queried debian-user prior to filing the bug. Please
> accept my apology. Also please consider that other users like me may
> look at the man pages and config files and find them lacking.
yes -- I am sorry about that -- upstream is quite dead atm, but
application is supported by community (and yours truly)...
multiport is iptables filter able to match multiple (but not targetting
all!) ports, so you would need to specify ports to be banned... for ALL
ports see/use iptables-allports.conf
jail.conf is the ultimate configuration you had to tune (check README*
for the fact that you need to create jail.local with customizations) --
so check jail.conf and see where/how ports are specified.
--
.-.
=------------------------------ /v\ ----------------------------=
Keep in touch // \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko /( )\ ICQ#: 60653192
Linux User ^^-^^ [175555]
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
