From cb73eb7a4bf676207199b6cd39c0e3fc9e18ebf1 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud
Date: Thu, 2 May 2013 16:33:54 +0200
Subject: [PATCH] Insert fail2ban rule before state_chk and local_chk so established connexions can be stopped for banned host, and local hosts may also be banned
---
 root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban b/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban
index 934ffbd..b9ec967 100644
--- a/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban
+++ b/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Fail2Ban
@@ -2,9 +2,5 @@
 /sbin/iptables --new-chain Fail2Ban
 /sbin/iptables --new-chain Fail2Ban_1
 /sbin/iptables --append Fail2Ban -j Fail2Ban_1
- # TODO: add a prop to filter only external or internal and external interfaces
- # Check for banned hosts after local_chk and state_chk
- # TODO: add a prop to block established connections for banned host
- # which means insert into position 1 instead of 3
- /sbin/iptables --insert INPUT 3 \
+ /sbin/iptables --insert INPUT 1 \
 -j Fail2Ban
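Review bot: The new `/sbin/iptables --insert INPUT 1 \` line carries no comment, while the removed block explained why the jump sat at position 3 and listed two TODOs; the second (blocking established connections of banned hosts) is what this commit implements, but the first (a prop to restrict the check to external, or internal and external, interfaces) is dropped silently along with the rationale. Keep a comment above the new line, e.g. `# Insert at position 1 so Fail2Ban is consulted before state_chk and local_chk: established connections from banned hosts are cut and local hosts can be banned too`, and carry over `# TODO: add a prop to filter only external or internal and external interfaces` if that option is still wanted. With the ban check now ahead of local_chk, a false positive against a LAN or loopback address locks that host out immediately, so fail2ban's ignoreip list of trusted addresses becomes the only safeguard and deserves a mention next to this rule. Position 1 is also relative to whatever other masq fragments insert into INPUT; if a fragment processed after 40Fail2Ban also inserts at 1, this jump is pushed below it (inferred from the numbered insert, not visible in the hunk). The first line of the template, before the chain creation, is outside the hunk.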