Difference between revisions of "Whitelist"

From Fail2ban
(Removed the mis-information and added the proper way to do whitelisting)
Line 1: Line 1:
'''Whitelisting'''
+
=== Whitelisting ===
  
Whitelisting of a single host for, lets say, courier-auth is NOT possible! and thats very bad ... and the README / Howto to whitelisting is very poor - and thats even worse ...
+
Whitelisting is setup in the jail.conf file using a space separated list.
  
The serversystem is Debian Etch, fail2ban according to apt-cache show:
+
<pre>[DEFAULT]
 
+
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                         
 
+
# ban a host which matches an address in this list. Several addresses can be                           
 
+
# defined using space separator.
I tried it with:
+
                                                                       
 
+
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
1) /etc/fail2ban/jail.conf:
+
</pre>
 
+
[DEFAULT]
+
 
+
ignoreip = 127.0.0.1, 82.198.214.113
+
 
+
= no success
+
 
+
global_whitelist = /etc/fail2ban/whitelist.txt
+
 
+
= no success
+
 
+
 
+
2) /etc/fail2ban/jail.local:
+
 
+
[DEFAULT]
+
 
+
ignoreip = 127.0.0.1, 82.198.214.113
+
 
+
= no success
+
 
+
3) /etc/fail2ban/fai2ban.conf:
+
 
+
[Definition]
+
 
+
ignoreip = 127.0.0.1, 82.198.214.113
+
 
+
= no success
+
 
+
Finally, I tried to set a "ignoreip"-Line in /etc/filter.d/courierauth, but with no success :-(
+
 
+
As far as I can see, there is no simple solution to whitelist single hosts (or networks?).
+
 
+
 
+
At the moment, we have de-activated fai2ban on our mailserver.
+
 
+
 
+
Greetings
+
 
+
 
+
Lars Behrens
+
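Review bot: the added sentence "Whitelisting is setup in the jail.conf file using a space separated list." never says what was wrong in the report it replaces, where every attempt used a comma (`ignoreip = 127.0.0.1, 82.198.214.113`) and ended in "no success". Suggest stating explicitly that entries are separated by spaces, not commas, and that the option belongs under [DEFAULT], since the removed text also tried a [Definition] section and a filter file. The sample values in the new `ignoreip` line should be marked as examples to replace, because every address listed there is exempt from banning; "setup" should also read "set up".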

Revision as of 15:37, 12 May 2010

Whitelisting

Whitelisting is set up in the jail.conf file using a space-separated list of addresses in the ignoreip option.

<pre>[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space separator.

ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
</pre>
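A small linter for the rule stated above, as an added example that is not part of the wiki page or of Fail2ban's own code: it splits `ignoreip` on whitespace only and classifies each entry as IP, CIDR or DNS host, so a comma-separated entry shows up as invalid. The function names and the two sample configs are constructed for illustration, and DNS entries are checked for syntax only, not resolved.

```python
import configparser
import ipaddress
import re

# Constructed samples: the comma-separated form from the removed report and
# the space-separated form from the current revision.
OLD_CONF = "[DEFAULT]\nignoreip = 127.0.0.1, 82.198.214.113\n"
NEW_CONF = "[DEFAULT]\nignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8\n"

# Syntactic hostname check: dot-separated labels, last label starts with a letter.
HOSTNAME = re.compile(
    r"^(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*"
    r"[A-Za-z]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def classify(token):
    """Return 'ip', 'cidr', 'dns' or 'invalid' for one ignoreip entry."""
    try:
        ipaddress.ip_address(token)
        return "ip"
    except ValueError:
        pass
    if "/" in token:
        try:
            ipaddress.ip_network(token, strict=False)
            return "cidr"
        except ValueError:
            return "invalid"
    return "dns" if HOSTNAME.match(token) else "invalid"


def lint_ignoreip(conf_text):
    """Split [DEFAULT] ignoreip on whitespace and classify every entry."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    value = parser.defaults().get("ignoreip", "")
    return [(tok, classify(tok)) for tok in value.split()]


def is_whitelisted(addr, conf_text):
    """True if addr matches an 'ip' or 'cidr' entry (DNS entries are not resolved)."""
    ip = ipaddress.ip_address(addr)
    for tok, kind in lint_ignoreip(conf_text):
        if kind in ("ip", "cidr") and ip in ipaddress.ip_network(tok, strict=False):
            return True
    return False
```

Running `lint_ignoreip` over a jail file before reloading makes a stray comma or a wider-than-intended CIDR visible in review.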