Robin Kipp wrote at 2013-09-14 16:08 -0500: > Any workaround for this, or is there a better alternative to Fail2ban?
It seems that fail2ban still does not support ipv6. <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470417> <https://github.com/fail2ban/fail2ban/issues/39> Perhaps it would work to implement the filtering via iptables or the particular service configuration? You can use the iptables `recent` module to eg. allow only 8 ssh attempts from a source IP in 5 minutes. In ferm syntax (from <https://wiki.debian.org/ferm>): domain (ip ip6) table filter chain INPUT { protocol tcp dport ssh @subchain { mod recent name SSH { set NOP; update seconds 300 hitcount 8 @subchain { LOG log-prefix "Blocked-ssh: " log-level warning; DROP; } } ACCEPT; } }
signature.asc
Description: Digital signature
