Hi, I'm using fail2ban-0.9.3 on fedora22 and have configured it with firewalld and ipset. I'm more familiar with iptables, not this new firewalld layout, so I'm really not sure how to tell if it's working properly.
I have a postfix-sasl jail configured as such:

    [postfix-sasl]
    #port = smtp,465,submission
    port = smtp,587,submission
    logpath = %(postfix_log)s
    enabled = true
    logencoding=utf-8

/var/log/fail2ban.log shows these entries:

    fail2ban.filter [19398]: INFO [postfix-sasl] Found 12.234.0.173
    fail2ban.actions [19398]: NOTICE [postfix-sasl] Ban 12.234.0.173

ipset list shows me:

    Name: fail2ban-postfix-sasl
    Type: hash:ip
    Revision: 4
    Header: family inet hashsize 1024 maxelem 65536 timeout 5200
    Size in memory: 1856
    References: 1
    Members:
    12.234.0.173 timeout 4068
    179.189.205.12 timeout 152
    184.2.47.206 timeout 390
    113.69.178.121 timeout 1522

Does this say that 12.234.0.173 is indeed currently blocked on port 589 for the next 4068 seconds?

firewalld is running, but I don't know how to produce a list of all IPs that are currently being blocked. "iptables -nL", as I usually would run, shows there are no entries for any of the chains that are listed (except for 192.168.122.0/24 as part of virbr0). Does that mean the rules aren't being added properly by fail2ban?

_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
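Added example, not part of the original post: a shell helper that turns `ipset list` output like the listing quoted above into one line per banned address. It relies on two properties of that output: a member's `timeout` is the number of seconds left before the entry expires, and `References` counts the kernel rules currently matching against the set. The function names are made up for this example, and the sample input is constructed from the listing in the post.

```shell
#!/bin/sh
# Added example: summarise `ipset list` output for fail2ban-managed sets.

# Constructed sample input, copied from the listing quoted in the post.
sample_ipset_output() {
cat <<'EOF'
Name: fail2ban-postfix-sasl
Type: hash:ip
Revision: 4
Header: family inet hashsize 1024 maxelem 65536 timeout 5200
Size in memory: 1856
References: 1
Members:
12.234.0.173 timeout 4068
179.189.205.12 timeout 152
184.2.47.206 timeout 390
113.69.178.121 timeout 1522
EOF
}

# Reads `ipset list` text on stdin and prints, for every member of every set:
#   <set-name> <ip> <seconds-left|permanent> <referenced|UNREFERENCED>
# UNREFERENCED means no kernel rule matches against the set, so membership
# alone would not block anything.
ipset_members() {
    awk '
        $1 == "Name:"       { set = $2; refs = 0; in_members = 0; next }
        $1 == "References:" { refs = $2; next }
        $1 == "Members:"    { in_members = 1; next }
        NF == 0             { in_members = 0; next }   # blank line ends a set
        in_members {
            left = "permanent"                          # entry without a timeout
            for (i = 2; i < NF; i++) if ($i == "timeout") left = $(i + 1)
            print set, $1, left, (refs > 0 ? "referenced" : "UNREFERENCED")
        }
    '
}

# Prints the seconds left for one address; exit status 1 if it is in no set.
ban_seconds_left() {
    ipset_members | awk -v ip="$1" '$2 == ip { print $3; found = 1 } END { exit !found }'
}

# Stand-alone run: show the summary for the constructed sample.
sample_ipset_output | ipset_members
```

On a live host, feed it real data as root with `ipset list | ipset_members`.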
