The only problem I have with recidiv is that it blocks all ports from a given
IP; I would much prefer to block only the attacked ports. This is especially
important when the attacks are coming from behind a large ISPs NAT firewall.
On 2/06/2017 2:26 AM, Mark Costlow wrote:
I would like to put in a word for using the recidive jail for this.
It's not exactly what you want, but I believe it is the closest thing
to it which fail2ban "supports" (it's just a hack of monitoring fail2ban's
own log file with fail2ban). We have used it with success.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
