Insert fail2ban rule before state_chk and local_chk so established connexions can be stopped for banned host, and local hosts may also be banned

11 years ago · cb73eb7a4b
parent 1b7f16e314
commit cb73eb7a4b
1 changed files with 1 additions and 5 deletions
--- a/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban
+++ b/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban
@ -2,9 +2,5 @@
    /sbin/iptables --new-chain Fail2Ban
    /sbin/iptables --new-chain Fail2Ban_1
    /sbin/iptables --append Fail2Ban -j Fail2Ban_1
-    # TODO: add a prop to filter only external or internal and external interfaces
-    # Check for banned hosts after local_chk and state_chk
-    # TODO: add a prop to block established connections for banned host
-    # which means insert into position 1 instead of 3
-    /sbin/iptables --insert INPUT 3 \
+    /sbin/iptables --insert INPUT 1 \
        -j Fail2Ban