On 31/03/2021 at 16:38, Mike wrote:
> The scripts work in conjunction with ipset (which is also used by fail2ban).
> By default there's a command to enable the blocks using iptables. I think it's
> just a minor change to rewrite the iptables rule to use firewalld instead, or
> you could implement the iptables commands under firewalld: see:
> https://unix.stackexchange.com/questions/279937/is-firewalld-the-same-as-iptables
>
> I don't know all the details of the differences between firewalld and iptables
> - it may vary from OS to OS, but basically it's just two lines that implement
> the ipset blacklist (one for blocking, one for logging) and if you are using a
> different firewall, as long as it's compatible with ipset, you're good to go.
> Worst case is you have to rewrite the iptables command for your particular
> flavor firewall. If you do that, notify the author. He's happy to include
> those commands in the project for other users.
>
> Last month, I noticed fail2ban didn't even have most of my ipset lists
> created. I thought something was wrong, but it turns out login-shield was so
> effective at keeping people from even trying to hack my server, fail2ban didn't
> catch any failed logins. That was pretty cool. Unlike f2b which uses
> individual IP address blocks, login-shield uses CIDR ranges tied to known
> sources of hacking and is regularly updated. There's also a way where you can
> make your own modified version of the lists.

Thank you very much for your detailed answers. I will check this out in more detail with a clear head tomorrow.

Cheers,

Niki

--
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Website: https://www.microlinux.fr
Blog: https://blog.microlinux.fr
Mail: i...@microlinux.fr
Tel.: 04 66 63 10 32
Mob.: 06 51 80 12 12
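
The quoted message describes two iptables lines on top of an ipset blacklist of CIDR ranges and suggests rewriting them for firewalld. A sketch of both forms, added here as an example and not taken from login-shield or from this thread: the set name `blocklist_demo`, the log prefix, the file path and the sample ranges are assumptions, and the script only prints the commands for review.

```shell
#!/bin/sh
# Added example: prints firewall commands for review, changes nothing itself.
SET=blocklist_demo   # hypothetical set name, not login-shield's

# Constructed sample list (RFC 5737 documentation ranges plus junk lines).
sample_list() {
  cat <<'EOF'
# constructed sample blocklist
192.0.2.0/24
198.51.100.0/25

not-a-cidr
203.0.113.7
EOF
}

# Keep IPv4-shaped addresses or CIDR ranges; drop comments, blanks and junk.
# (Shape check only: octet values above 255 are left for ipset to reject.)
clean_list() {
  grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || true
}

# Input for `ipset restore`: one hash:net set holding every range.
ipset_restore_input() {
  echo "create $SET hash:net family inet -exist"
  clean_list | sed "s|^|add $SET |; s|\$| -exist|"
}

# The two iptables rules: LOG at position 1, DROP at position 2.
iptables_rules() {
  echo "iptables -I INPUT 1 -m set --match-set $SET src -j LOG --log-prefix 'blocklist: '"
  echo "iptables -I INPUT 2 -m set --match-set $SET src -j DROP"
}

# firewalld form: a firewalld-managed ipset plus one rich rule (log and drop).
# $1 is a file of cleaned ranges, one per line.
firewalld_rules() {
  echo "firewall-cmd --permanent --new-ipset=$SET --type=hash:net"
  echo "firewall-cmd --permanent --ipset=$SET --add-entries-from-file=$1"
  echo "firewall-cmd --permanent --add-rich-rule='rule source ipset=\"$SET\" log prefix=\"blocklist: \" level=\"info\" drop'"
  echo "firewall-cmd --reload"
}

sample_list | ipset_restore_input
iptables_rules
firewalld_rules /etc/blocklist_demo.txt   # assumed path
```

The first block of output can be piped to `ipset restore` as root; the LOG rule has to sit before the DROP rule, otherwise matching packets are dropped without being logged.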