Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 30 November 2024, 06:47:42 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Snort and fail2ban, iptables
0 Members and 3 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Snort and fail2ban, iptables  (Read 40236 times)
samuel
Jr. Member
*
Offline Offline

Posts: 2



« on: Tuesday 07 November 2023, 09:10:29 pm »

Hello. I started fail2ban, configured filter.d for snort. Filter.d
[Definition]

failregex = .*snort.*Priority: 1.*} <HOST>.*
#        .*snort.*Priority: 2.*} <HOST>.*

I have configured jail.local
 
Although fail2ban bans ip, iptables doesn't ban those apis, I still see them active. How could I add this rule in iptables to block ips banned by fail2ban? Thank you !
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com