On 5/18/2019 11:40 AM, Steven Barthen wrote:
> Hello
> 
> I am currently trying to utilize the Shorewall Dynamic Blacklist to block some
> hosts via fail2ban.
> 
> The part with fail2ban detection and filing a block works well,
> nonetheless... the block itself doesn't actually happen.
> 
> I can send a "shorewall show dynamic" and it will list all blocked IPs,
> but they just continue to connect.
> 
> shorewall.conf:
> BLACKLIST=ALL
> DYNAMIC_BLACKLIST=Yes
> BLACKLIST_DISPOSITION=DROP
> 
> 
> I have been trying to make the blacklist work, by setting "BLACKLIST"
> keyword to the zones/interfaces, but they are all deprecated. And the
> dynamic_blacklist page on shorewall doesn't really explain what you have
> to do to enable blacklisting anywhere. I've checked the default configs
> and tried to find something on Google, but there is nothing.
> 
> my "blrules" is:
> empty
> 
> my interfaces :
> #ZONE   INTERFACE   OPTIONS
> net     eth0
> vpn     tun0
> 
> my zones :
> #ZONE   TYPE       OPTIONS   IN        OUT
> #                            OPTIONS   OPTIONS
> fw      firewall
> net     ipv4
> vpn     ipv4
> 
> my policy:
> #                         LEVEL   BURST   MASK
> fw      all     ACCEPT
> vpn     all     ACCEPT
> net     all     DROP      info
> all     all     REJECT    info
> 
> I have absolutely no idea why it isn't working.
> 
> The logs are full of 
> 
> "Failed password for invalid user X from 206.XXX.XXX.85 port 60876 ssh2"
> 
> while I can see
> 
> # shorewall show dynamic | grep 206.XXX.XXX.85
>     0     0 DROP       all  --  *      *       206.XXX.XXX.85       0.0.0.0/0
> 
> I am using Shorewall 5.0.15.6 on Debian 9 now but my config is probably
> a couple of years old.
> 
> So how can I enable blacklisting or make them stop connecting? I even
> set my blacklist to 7 days but they just keep connecting over and over...
> just like the blacklist didn't exist.
> 
> Help/Ideas appreciated.
> 

Did you do 'shorewall update' to update your configuration to 5.0.15.6?

http://shorewall.org/troubleshoot.htm#Support

-Matt
-- 
Matt Darfeuille
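A quick diagnostic for the symptom in the thread, added here as an example and not part of the original exchange or of Shorewall itself: the "shorewall show dynamic" listing above shows the blacklisted address with packet and byte counters of 0, so the DROP rule exists but is never reached. This script parses that counter format and reports entries that have never matched; the sample output is constructed, with the X'ed octets kept as a placeholder.

```shell
#!/bin/sh
# Added diagnostic example (not from the thread, not Shorewall's own code).
# Parses the iptables-style counter listing printed by "shorewall show dynamic"
# (columns: pkts bytes target prot opt in out source destination) and reports
# blacklisted sources whose DROP rule has matched no packets. If every entry is
# at zero while the hosts keep connecting, the dynamic chain is not being
# traversed, i.e. the problem is how the chain is wired into the ruleset,
# not fail2ban.

# Constructed sample in the format shown in the thread (addresses are placeholders).
SAMPLE_DYNAMIC='Chain dynamic (2 references)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 DROP       all  --  *      *       206.XXX.XXX.85       0.0.0.0/0
      42     2520 DROP       all  --  *      *       198.51.100.7         0.0.0.0/0'

# Print the source address of every DROP rule whose packet counter is zero.
unhit_blacklist_entries() {
    printf '%s\n' "$1" | awk '$3 == "DROP" && $1 == 0 { print $8 }'
}

# Exit 0 if at least one DROP entry has matched packets (chain is traversed),
# exit 1 if all DROP entries are still at zero.
chain_is_traversed() {
    printf '%s\n' "$1" | awk '
        BEGIN { hit = 0 }
        $3 == "DROP" && $1 > 0 { hit = 1 }
        END { if (hit) exit 0; exit 1 }'
}

# Live usage on the firewall (root): unhit_blacklist_entries "$(shorewall show dynamic)"
```

If chain_is_traversed fails on a live listing, check the result of "shorewall update" and the interface options before looking at fail2ban again.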


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users