have you seen http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438901 and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438901#15 in particular?
On Mon, 22 Aug 2011, Leo 'costela' Antunes wrote: > Package: fail2ban > Version: 0.8.5-1 > Severity: wishlist > Hi, > After reading through #350746, I wonder why iptables-new isn't used by > default for the ssh jail. > I understand and agree with the arguments about possible interactions > with other protocols and thus the reason for not using it per default > for all jails, but at least for ssh, where it's clear new auth attempts > will use new connections, this shouldn't have any sensible drawbacks > while decreasing the "annoyance-factor" of locking yourself out of your > own server (like I just did, while playing with the pubkeys used by > automatic backups :D). -- =------------------------------------------------------------------= Keep in touch www.onerussian.com Yaroslav Halchenko www.ohloh.net/accounts/yarikoptic -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
