On Tue, 27 Jul 2021 at 16:43, H <agents@xxxxxxxxxxxxxx> wrote:
>
> |Running CentOS 7. I was under the impression - seemingly mistaken - that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all attempts from that network segment to connect to the server, ie before fail2ban would (eventually) ban connection attempts.
>
> This, however, does not seem correct and I could use a pointer to correct my misunderstanding. How is hosts.deny used and what have I missed?
>
> Is it necessary to run:
>
> iptables -I INPUT -s aaa.bbb.ccc.0/24 -j DROP
>
yes. iptables is one of the first things which will see the packets
coming to the server as it is implemented in kernel space. hosts.deny
only comes in for specific services which are compiled to use it.
[Internet] <-> [iptables] <-> [systemd if used] <-> [xinetd w/tcp-wrappers]
In the above example, a packet coming from the internet gets
interpreted and dealt with multiple tools and hosts.deny is only used
in the last section where xinetd and similar programs compiled with
tcp-wrappers look at hosts.deny file.
> to drop incoming connection attempts from that subnet?
>
> Thank you!
> |
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
--
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on BBS...
time to reboot.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
