Daniel Holm

Asked: 2019-03-20 00:19:52 +0800 CST2019-03-20 00:19:52 +0800 CST 2019-03-20 00:19:52 +0800 CST

Block IP:s recognized by logwatch using fail2ban+ufw?

I got fail2ban and logwatch running on my server. Each day I have a few IP:s that's been probing my server and also a few "Attempts to use known hacks", as it states in the daily mail.

I would like to block these IP:s using the knowledge of logwatch, since it apparently knows what "known hacks" are. By looking trough the apache access logs I don't quite understand what logwatch refers to.

As I said, fail2ban is installed and uses UFW as block action. Is there somehow possible to block these IP:s that are recognized by logwatch? fail2ban doesn't seem to block them.

Thanks, Daniel

Block IP:s recognized by logwatch using fail2ban+ufw?

How to install Google Chrome

Is there a command to list all users? Also to add, delete, modify users, in the terminal?

How to delete a non-empty directory in Terminal?

How to unzip a zip file from the Terminal?

How can I copy the contents of a folder to another folder in a different directory using terminal?

How do I install a .deb file via the command line?

How do I run .sh scripts?

How do I install a .tar.gz (or .tar.bz2) file?

How to list all installed packages

Unable to lock the administration directory (/var/lib/dpkg/) is another process using it?

Block IP:s recognized by logwatch using fail2ban+ufw?

0 Answers