Lonnie,
Thanks for the suggestion. I also tried that and had no results. Just to
make sure I did it again and the same issue came up.
On Wed, Oct 12, 2011 at 1:56 PM, Lonnie Abelbeck
<li...@lonnie.abelbeck.com>wrote:
> For the whitelist to work you should specify: (space separate with quotes)
>
> ADAPTIVE_BAN_WHITELIST="10.30.2.0/24 209.62.1.2"
>
> If from the command line you type:
> --
> arno-iptables-firewall restart
> --
> Does it come back with all rules applied?
>
> Lonnie
>
>
> On Oct 12, 2011, at 1:45 PM, Fernando Fuentes wrote:
>
> > Lonnie,
> >
> > ENABLED=1
> >
> > ADAPTIVE_BAN_FILE="/var/log/messages"
> >
> > ADAPTIVE_BAN_TIME=120
> >
> > ADAPTIVE_BAN_COUNT=6
> >
> > ADAPTIVE_BAN_TYPES="sshd asterisk"
> >
> > ADAPTIVE_BAN_REJECT=0
> >
> > ADAPTIVE_BAN_WHITELIST_INTERNAL=1
> >
> > ADAPTIVE_BAN_WHITELIST=10.30.2.0/24
> > ADAPTIVE_BAN_WHITELIST=209.62.1.2
> >
> > Please do note that I also did " " in the ip's and had the same results.
> >
> > Thank You,
> > -
> >
> > On Wed, Oct 12, 2011 at 12:41 PM, Lonnie Abelbeck <
> li...@lonnie.abelbeck.com> wrote:
> > Can you post your adaptive ban plugin settings?
> >
> > Lonnie
> >
> > On Oct 12, 2011, at 12:16 PM, Fernando Fuentes wrote:
> >
> > > I am now thinking this is a small bug in the current iptable's
> implementation "adaptive-ban".
> > > adaptive-ban is stuck in a loop looking for an IP that does not exist.
> > > Even though I have it white listed its still trying to look for it.
> This happen after a sip device that had the wrong authentication information
> and it was trying to auth aginst the server.. Even though the subnet is
> white listed the adaptive-ban still went crazy on it. The only solution at
> this point is a reboot which is not acceptable.
> > >
> > > Any thoughts or ideas on this issue?
> > >
> > > user.info firewall: adaptive-ban: /usr/sbin/iptables: (2) iptables
> v1.4.9: host/network `10.30.2.241:5060' not found Try `iptables -h' or
> 'iptables --help' for more information.I am now thinking this is a small bug
> in the current iptable's implementation "adaptive-ban".
> > >
> > > Thank You,
> > > -
> > > Fernando F.
> > >
> ------------------------------------------------------------------------------
> > > All the data continuously generated in your IT infrastructure contains
> a
> > > definitive record of customers, application performance, security
> > > threats, fraudulent activity and more. Splunk takes this data and makes
> > > sense of it. Business sense. IT sense. Common sense.
> > >
> http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________
> > > Astlinux-users mailing list
> > > Astlinux-users@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > >
> > > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
> >
> >
> >
> ------------------------------------------------------------------------------
> > All the data continuously generated in your IT infrastructure contains a
> > definitive record of customers, application performance, security
> > threats, fraudulent activity and more. Splunk takes this data and makes
> > sense of it. Business sense. IT sense. Common sense.
> > http://p.sf.net/sfu/splunk-d2d-oct
> > _______________________________________________
> > Astlinux-users mailing list
> > Astlinux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
> >
> >
> ------------------------------------------------------------------------------
> > All the data continuously generated in your IT infrastructure contains a
> > definitive record of customers, application performance, security
> > threats, fraudulent activity and more. Splunk takes this data and makes
> > sense of it. Business sense. IT sense. Common sense.
> >
> http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________
> > Astlinux-users mailing list
> > Astlinux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
