On 08/28/2010 10:13 PM, Yaroslav Halchenko wrote: > > On Sat, 28 Aug 2010, Ralph Katz wrote: >> Yarik, prior to filing the bug, I found nothing in man fail2ban-client >> and fail2ban-server about ports. > because those beasts are just work bees which have no clue about ports > or anything like that ;) > >> Even with your reply, I had to consult >> a linux sys admin to understand that the port needed to be changed in >> /etc/fail2ban/action.d/iptables-multiport.conf . > nope -- wrong location... see below > >> I should have queried debian-user prior to filing the bug. Please >> accept my apology. Also please consider that other users like me may >> look at the man pages and config files and find them lacking. > > yes -- I am sorry about that -- upstream is quite dead atm, but > application is supported by community (and yours truly)... > multiport is iptables filter able to match multiple (but not targetting > all!) ports, so you would need to specify ports to be banned... for ALL > ports see/use iptables-allports.conf > > jail.conf is the ultimate configuration you had to tune (check README* > for the fact that you need to create jail.local with customizations) -- > so check jail.conf and see where/how ports are specified.
I yield. :) Reverted to port 22, will put up with the noise and won't worry about some upgrade breaking anything for other ports. Thanks Yarik! Ralph -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
