IPFW not locking people out
Posted
by
Cole
on Super User
See other posts from Super User
or by Cole
Published on 2012-03-30T03:52:30Z
Indexed on
2012/03/30
5:34 UTC
Read the original article
Hit count: 580
I've had some brute-forcing of my ssh connection recently, so I got fail2ban to hopefully prevent that. I set it up, and started testing it out by giving wrong passwords on my computer. (I have physical access to the server if I need to unblock myself) However, it never stops me from entering passwords.
I see in /var/log/fail2ban.log that fail2ban kicked in and banned me, and there's a ipfw entry for my IP, but I'm not locked out. I've changed the configuration around, and then tried just using the ipfw command myself, but nothing seems to lock me out. I've tried the following blocks:
65300 deny tcp from 10.0.1.30 to any in
65400 deny ip from 10.0.1.30 to any
65500 deny tcp from 10.0.1.30 to any
My firewall setup has a "allow ip from any to any" rule after these though, maybe that's the problem?
I'm using Mac OS 10.6 (stock ipfw, it doesn't seem to have a --version flag)
Thanks in advance.
© Super User or respective owner