C. Ross

Asked: 2010-01-31 08:58:39 +0800 CST2010-01-31 08:58:39 +0800 CST 2010-01-31 08:58:39 +0800 CST

Configure Fail2ban to ignore local (NAT) IPs

How can I configure fail2ban to always allow attempts from the local/NAT ips (ie 192.168.1.*). I have tried putting the following entry into /etc/fail2ban/jail.conf:

[DEFAULT]

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1 192.168.1.*
bantime  = 600
maxretry = 3

but upon restart I had the following warning in my /var/log/fail2ban.log

WARNING Unable to find a corresponding IP address for 192.168.1.*

What's the correct configuration for what I'm trying to do?

Please note that I still wish local host (127.0.0.1) to be exempted as well.

Ubuntu 9.04

1 Answers

Voted

Best Answer

user17642
2010-01-31T09:30:47+08:002010-01-31T09:30:47+08:00
Shouldn't you add 192.168.1.0/24 instead of 192.168.1.* ?
5

Configure Fail2ban to ignore local (NAT) IPs

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?