On 3/27/08, Simon Hobson <[EMAIL PROTECTED]> wrote: > Robert Lindgren wrote: > > >Are there any plans adding such a feature? The reason for such a > >feature is that I want to block a specific ip from a specific port, > >lets say 22 since there has been abuse on that port, with something > >like fail2ban, but I still want clients from that IP to be able to > >access for example port 80. > > > I'm fairly certain fail2ban will do that if you configure it to. The > owrst case is you have to edit the config files to make the fail2ban > filter apply only to the specified port. > > No need to involve Shorewall.
Well since fail2ban in it's default mode in ubuntu uses iptables directly it will create i new table for it's banned ip:s. And it will be removed when surewall is restarted. > > BTW - if you use fail2ban and SHorewall on the same machine, > configure Shorewall to restart fail2ban after a shorewall (re)start. Yes this might might solve my problems, since fail2ban will recreate it's table when restarted. Cheers. Robert ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
