--On Monday, May 03, 2021 5:15 PM -0400 Clive Jacques <westriverp...@gmail.com> wrote:

Fail2ban should be more explicit in that it doesn't kill existing connections, only new ones. And you kind of think it would ban existing connections.

That's not really fail2ban's fault. I assume you're using firewalld, and it doesn't offer a simple way to insert the ban before firewalld's internal rule that allows all packets in the connection tracker. To stop an existing connection, you have to ban packets before they hit the tracker rule in iptables' INPUT chain.




_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
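
The rule-ordering point made in the reply above can be checked on a host. The following is an added example, not part of the original thread and not fail2ban or firewalld code. It reads `iptables -S INPUT` output and reports whether the jump to the ban chain sits before or after the connection-tracker accept rule. Assumptions: the ban chain is jumped to directly from INPUT, and the chain name `f2b-sshd` and both rule listings are constructed samples.

```shell
#!/bin/sh
# Reads `iptables -S INPUT` output on stdin; $1 is the ban chain name.
# Returns 0 if the jump to the ban chain precedes the first rule accepting
# ESTABLISHED traffic, 1 if it follows it, 2 if INPUT has no such jump.
ban_rule_order() {
    awk -v target="$1" '
        $1 == "-A" && $2 == "INPUT" {
            n++; est = 0; accept = 0; jump = 0
            for (i = 3; i <= NF; i++) {
                if (($i == "--ctstate" || $i == "--state") && $(i+1) ~ /ESTABLISHED/) est = 1
                if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
                if ($i == "-j" && $(i+1) == target) jump = 1
            }
            if (est && accept && !ct) ct = n    # first tracker accept rule
            if (jump && !ban) ban = n           # first jump to the ban chain
        }
        END {
            if (!ban) { print "no jump to " target " in INPUT"; exit 2 }
            if (!ct || ban < ct) {
                print "rule " ban " (ban) is evaluated before the tracker accept: bans also hit established connections"
                exit 0
            }
            print "rule " ban " (ban) follows tracker accept at rule " ct ": established connections bypass the ban"
            exit 1
        }'
}

# Constructed sample: tracker accept first, ban jump reached only by new connections.
SAMPLE_AFTER='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Constructed sample: ban jump inserted at the top of INPUT.
SAMPLE_BEFORE='-P INPUT ACCEPT
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf '%s\n' "$SAMPLE_AFTER"  | ban_rule_order f2b-sshd || true
printf '%s\n' "$SAMPLE_BEFORE" | ban_rule_order f2b-sshd || true
```

On a live system, pipe `iptables -S INPUT` into `ban_rule_order` with the name of the chain your ban action actually creates.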
