Re: hosts.deny, fail2ban etc.


On 07/28/2021 05:12 AM, Stephen John Smoogen wrote:
> On Tue, 27 Jul 2021 at 16:43, H <agents@xxxxxxxxxxxxxx> wrote:
>> Running CentOS 7. I was under the impression - seemingly mistaken - that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all attempts from that network segment to connect to the server, i.e. before fail2ban would (eventually) ban connection attempts.
>>
>> This, however, does not seem correct and I could use a pointer to correct my misunderstanding. How is hosts.deny used and what have I missed?
>>
>> Is it necessary to run:
>>
>>  iptables -I INPUT -s aaa.bbb.ccc.0/24 -j DROP
>>
> Yes. iptables is one of the first things which will see the packets
> coming to the server, as it is implemented in kernel space. hosts.deny
> only comes in for specific services which are compiled to use it.
>
> [Internet] <-> [iptables] <-> [systemd if used] <-> [xinetd w/tcp-wrappers]
>
> In the above example, a packet coming from the internet gets
> interpreted and dealt with by multiple tools, and hosts.deny is only used
> in the last section, where xinetd and similar programs compiled with
> tcp-wrappers look at the hosts.deny file.
>
>
>> to drop incoming connection attempts from that subnet?
>>
>> Thank you!
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> https://lists.centos.org/mailman/listinfo/centos
>
>
Thank you, I will utilize iptables (I am running C7).


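The two points made in the thread, as an added example that is not part of the original messages: checking whether a daemon is linked against libwrap (and so reads hosts.deny at all), and turning a hosts.deny network prefix into the matching iptables rule. The function names are hypothetical, 192.0.2.0/24 is a constructed sample, and the rule is printed rather than applied.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Reads `ldd` output on stdin; succeeds if the binary links libwrap, the
# TCP Wrappers library that reads hosts.allow and hosts.deny.
links_libwrap() {
    grep -q 'libwrap\.so'
}

# Report whether the daemon binary at $1 would consult hosts.deny at all.
check_daemon() {
    if ldd "$1" 2>/dev/null | links_libwrap; then
        echo "$1: linked with libwrap, hosts.deny applies"
    else
        echo "$1: no libwrap found, hosts.deny is ignored"
    fi
}

# Convert a hosts.deny style network prefix ("192.0.2." or "192.0.2.*")
# to CIDR. Fails on anything that is not 1-4 octets in the range 0-255.
prefix_to_cidr() {
    p=${1%\*}   # drop a trailing "*"
    p=${p%.}    # drop the trailing "."
    printf '%s\n' "$p" | awk -F. '
        NF < 1 || NF > 4 { exit 1 }
        {
            for (i = 1; i <= NF; i++)
                if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
            out = $0
            for (i = NF; i < 4; i++) out = out ".0"
            print out "/" (NF * 8)
        }'
}

# Print (not run) the kernel-level rule matching the prefix.
drop_rule() {
    cidr=$(prefix_to_cidr "$1") || { echo "bad prefix: $1" >&2; return 1; }
    echo "iptables -I INPUT -s $cidr -j DROP"
}

# Constructed sample input: 192.0.2.0/24 is a documentation range.
drop_rule '192.0.2.*'
for d in /usr/sbin/sshd /usr/sbin/xinetd; do
    if [ -x "$d" ]; then check_daemon "$d"; fi
done
```
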