On 07/27/2021 05:17 PM, Pete Biggs wrote:
> On Tue, 2021-07-27 at 16:43 -0400, H wrote:
>>> Running CentOS 7. I was under the impression - seemingly mistaken -
>>> that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
>>> would ban all attempts from that network segment to connect to
On 07/28/2021 10:01 AM, Leon Fauster via CentOS wrote:
> On 28.07.21 14:44, Jonathan Billings wrote:
>> On Jul 27, 2021, at 16:43, H wrote:
>>>
>>> |Running CentOS 7. I was under the impression - seemingly mistaken - that
>>> by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would
On 07/28/2021 08:44 AM, Jonathan Billings wrote:
> On Jul 27, 2021, at 16:43, H wrote:
>> |Running CentOS 7. I was under the impression - seemingly mistaken - that
>> by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
>> attempts from that network segment to connect
On 07/28/2021 05:12 AM, Stephen John Smoogen wrote:
> On Tue, 27 Jul 2021 at 16:43, H wrote:
>> |Running CentOS 7. I was under the impression - seemingly mistaken - that by
>> adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
>> attempts from that network segment to
On 7/28/2021 1:57 PM, Scott Techlist wrote:
Is that an improvement? I'm still running Centos7 so I'm not familiar with it.
https://ungleich.ch/en-us/cms/blog/2018/08/18/iptables-vs-nftables/
___
CentOS mailing list
CentOS@centos.org
>> For what it’s worth, if you use the fail2ban-firewalld package, it uses
>> ipset rather than iptables, which is more efficient.
>
>That’s in CentOS 7 though.
>CentOS 8 firewalld uses nft instead of the older netfilter (iptables/ipset)
>code.
Is that an improvement? I'm still running
On 28.07.21 14:44, Jonathan Billings wrote:
On Jul 27, 2021, at 16:43, H wrote:
|Running CentOS 7. I was under the impression - seemingly mistaken - that by
adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
attempts from that network segment to connect to the
On Jul 28, 2021, at 08:44, Jonathan Billings wrote:
>
> For what it’s worth, if you use the fail2ban-firewalld package, it uses ipset
> rather than iptables, which is more efficient.
That’s in CentOS 7 though. CentOS 8 firewalld uses nft instead of the older
netfilter (iptables/ipset) code.
On Jul 27, 2021, at 16:43, H wrote:
>
> |Running CentOS 7. I was under the impression - seemingly mistaken - that by
> adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
> attempts from that network segment to connect to the server, ie before
> fail2ban would
On Tue, 27 Jul 2021 at 17:17, Pete Biggs wrote:
>
> On Tue, 2021-07-27 at 16:43 -0400, H wrote:
> > > Running CentOS 7. I was under the impression - seemingly mistaken -
> > > that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
> > > would ban all attempts from that network
On Tue, 27 Jul 2021 at 16:43, H wrote:
>
> |Running CentOS 7. I was under the impression - seemingly mistaken - that by
> adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
> attempts from that network segment to connect to the server, ie before
> fail2ban would
On Tue, 2021-07-27 at 16:43 -0400, H wrote:
> > Running CentOS 7. I was under the impression - seemingly mistaken -
> > that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
> > would ban all attempts from that network segment to connect to the
> > server, ie before fail2ban would
|Running CentOS 7. I was under the impression - seemingly mistaken - that by
adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all
attempts from that network segment to connect to the server, ie before fail2ban
would (eventually) ban connection attempts.
This, however, does
13 matches
Mail list logo
