On 07/27/2021 05:17 PM, Pete Biggs wrote:
> On Tue, 2021-07-27 at 16:43 -0400, H wrote:
>> Running CentOS 7. I was under the impression - seemingly mistaken -
>> that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
>> would ban all attempts from that network segment to connect to the
>> server, ie before fail2ban would (eventually) ban connection
>> attempts.
>>
>> This, however, does not seem correct and I could use a pointer to
>> correct my misunderstanding. How is hosts.deny used and what have I
>> missed?
>
> hosts.deny is only used by specific programs that use TCP wrappers. It
> is not a general "deny this host access".
>
> Also note that fail2ban operates on individual hosts, not subnets.
>
>> Is it necessary to run:
>>
>> iptables -I INPUT -s aaa.bbb.ccc.0/24 -j DROP
>>
>> to drop incoming connection attempts from that subnet?
>
> If you use iptables yes, probably. Firewalld has a specific drop zone
> that you can use:
>
>   firewall-cmd --zone=drop --add-source=aaa.bbb.ccc.0/24
>
> (with suitable --permanent flag if you want it permanent).
>
> P.

Noted, I am using iptables.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
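
An added example, not written by either poster: since hosts.deny is only consulted by programs that use TCP wrappers, this script prints the iptables rule quoted in the thread for each `ALL:` address-prefix entry of a hosts.deny file, so the same block can be enforced at the packet filter. The function names and the sample file are constructed for illustration; the trailing-dot prefix form (`198.51.`) is the one documented in hosts_access(5).

```sh
# Added example (not from the thread): print iptables DROP rules equivalent to
# the "ALL:" network-prefix entries of a hosts.deny file. Nothing is applied.

# Convert "a.b.c.*", "a.b.c." or a full IPv4 address to CIDR; fail otherwise.
pattern_to_cidr() (
    raw=$1
    pat=${raw%.\*}; pat=${pat%.}                # drop trailing ".*" or "."
    case $pat in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $pat; n=$#
    [ "$n" -le 4 ] || exit 1
    # Without a trailing "." or ".*" only a complete address is accepted.
    if [ "$pat" = "$raw" ] && [ "$n" -ne 4 ]; then exit 1; fi
    for o in "$@"; do
        case $o in 0?*|????*) exit 1 ;; esac    # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || exit 1
    done
    while [ $# -lt 4 ]; do set -- "$@" 0; done  # pad the host part with zeros
    echo "$*/$((n * 8))"
)

# Read hosts.deny text on stdin and print one rule per usable client pattern.
# Assumption: lines using EXCEPT or a non-ALL daemon list are left alone.
deny_to_iptables() (
    set -f   # patterns contain "*"; keep the shell from globbing them
    while IFS=: read -r daemons clients rest; do
        [ "$(printf '%s' "$daemons" | tr -d ' \t')" = ALL ] || continue
        case $clients in *EXCEPT*) continue ;; esac
        for pat in $(printf '%s' "$clients" | tr ',' ' '); do
            if cidr=$(pattern_to_cidr "$pat"); then
                echo "iptables -I INPUT -s $cidr -j DROP"
            else
                echo "# skipped, not an IPv4 prefix: $pat" >&2
            fi
        done
    done
)

# Constructed sample input (RFC 5737 documentation addresses).
sample_hosts_deny() {
    cat <<'EOF'
# constructed sample
ALL: 192.0.2.*
ALL: 198.51., 203.0.113.7
sshd: 192.0.2.99
ALL: .example.net
EOF
}

sample_hosts_deny | deny_to_iptables
```

Review the printed rules before running them as root; `iptables -I` changes only the running rule set, so they do not survive a reboot unless saved separately.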