On 4/20/2012 2:24 AM, Bob Hoffman wrote:
> if I could add something, definitely put ports, if numbers, in
> quotes...without quotes I got some errors in the logs
> port=ftp, no quotes.....port="2222" quotes
>
> and I added one for vsftp, I use port 5000
>
> [vsftpd-iptables]
> enabled = true
> filter = vsftpd
> action = iptables[name=VSFTPD, port="5000", protocol=tcp]
> logpath = /var/log/vsftpd.log
> maxretry = 5
> bantime = 1800
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
my final add on this tonight..
due to the older versions of 'whatever' centos uses, there will be
errors on startup of fail2ban regarding multiport
jails.
To avoid these errors it was suggested to add a sleep mechanism to the
start up commands in the proper file.
/etc/fail2ban/action.d/iptables-mutliport.conf
added a sleep line sleep `perl -e 'print rand(3);'` to line 14 and
dropped everything down one line to make room for it
actionstart = sleep `perl -e 'print rand(3);'`
iptables -N fail2ban-<name>
iptables -A fail2ban-<name> -j RETURN
iptables -I INPUT -p <protocol> -m multiport --dports
<port> -j fail2ban-<name>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
