Difference between revisions of "Whitelist"

From Fail2ban
(New page: Whitelisting Whitelisting of a single host for, lets say, courier-auth is NOT possible! and thats very bad ... and the README / Howto to whitelisting is very poor - and thats even worse ...)
 
(Added config demonstrating CIDR ranges for all private networks.)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Whitelisting  
+
=== Whitelisting ===
  
Whitelisting of a single host for, lets say, courier-auth is NOT possible! and thats very bad ... and the README / Howto to whitelisting is very poor - and thats even worse ...
+
Whitelisting is setup in the jail.conf file using a space separated list.
  
I tried it with:
+
<pre>[DEFAULT]
 +
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                         
 +
# ban a host which matches an address in this list. Several addresses can be                           
 +
# defined using space separator.
 +
                                                                       
 +
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
 +
</pre>
  
1) /etc/fail2ban/jail.conf:
+
<pre>
 
+
# This will ignore connection coming from common private networks.
[DEFAULT]
+
# Note that local connections can come from other than just 127.0.0.1, so
 
+
# this needs CIDR range too.
ignoreip = 127.0.0.1, 82.198.214.113
+
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
 
+
</pre>
= no success
+
 
+
global_whitelist = /etc/fail2ban/whitelist.txt
+
 
+
= no success
+
 
+
 
+
2) /etc/fail2ban/jail.local:
+
 
+
[DEFAULT]
+
 
+
ignoreip = 127.0.0.1, 82.198.214.113
+
 
+
= no success
+
 
+
3) /etc/fail2ban/fai2ban.conf:
+
 
+
[Definition]
+
 
+
ignoreip = 127.0.0.1, 82.198.214.113
+
 
+
= no success
+
 
+
Finally, I tried to set a "ignoreip"-Line in /etc/filter.d/courierauth, but with no success :-(
+
 
+
As far as I can see, there is no simple solution to whitelist single hosts (or networks?).
+
 
+
 
+
At the moment, we have de-activated fai2ban on our mailserver.
+
 
+
 
+
Greetings
+
 
+
 
+
Lars Behrens
+
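Review bot: The added <pre> block leaves two active "ignoreip =" assignments under a single [DEFAULT] header (the "127.0.0.1 192.168.1.0/24 8.8.8.8" line and the private-network line), so only one of them can take effect for a reader who copies the block verbatim. Show them as two separate alternatives, or comment one out. The removed report used comma-separated values ("127.0.0.1, 82.198.214.113") without success, so the new text should say outright whether commas are accepted rather than only stating "space separated list". Two caveats are also missing: 8.8.8.8 is a public address and makes a risky copy-paste sample, and exempting every private range means a compromised internal host is never banned.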

Latest revision as of 13:04, 25 May 2010

Whitelisting

Whitelisting is set up in the jail.conf file using a space-separated list.

<pre>
[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space separator.
#
# Example with individual entries. It is commented out here because a section
# should carry only one "ignoreip" assignment; enable the one you need.
#ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8

# This will ignore connections coming from common private networks.
# Note that local connections can come from other than just 127.0.0.1, so
# this needs a CIDR range too.
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
</pre>
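
The following is an added example, not code from Fail2ban or from this wiki: a small checker that reports which entry of an ignoreip value covers a given address, showing why a bare 127.0.0.1 misses other loopback addresses. The function names are hypothetical, DNS names are only classified and never resolved, and rejecting entries that carry a comma is this example's assumption based on the space-separated format described above.

```python
import ipaddress

# Constructed sample values, copied from the two ignoreip lines on this page.
SINGLE_ENTRIES = "127.0.0.1 192.168.1.0/24 8.8.8.8"
PRIVATE_NETS = "127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"


def parse_ignoreip(value):
    """Split a space-separated ignoreip value.

    Returns (networks, hostnames, rejected). Entries containing a comma are
    rejected (assumption of this example: the list is space separated only).
    """
    networks, hostnames, rejected = [], [], []
    for entry in value.split():
        if "," in entry:
            rejected.append(entry)
            continue
        try:
            # A bare address becomes a /32 (or /128) network.
            # strict=False tolerates host bits such as 192.168.1.5/24.
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            # Not an address or CIDR mask: classify as a DNS name (unresolved).
            hostnames.append(entry)
    return networks, hostnames, rejected


def matching_entry(address, value):
    """Return the network in `value` that covers `address`, or None."""
    ip = ipaddress.ip_address(address)
    networks, _, _ = parse_ignoreip(value)
    for net in networks:
        if ip.version == net.version and ip in net:
            return str(net)
    return None


if __name__ == "__main__":
    for addr in ("127.0.0.1", "127.0.0.2", "192.168.1.77", "172.32.0.1"):
        print(addr,
              "| single entries:", matching_entry(addr, SINGLE_ENTRIES),
              "| private nets:", matching_entry(addr, PRIVATE_NETS))
    # The comma-separated form from the earlier revision, for comparison.
    print(parse_ignoreip("127.0.0.1, 82.198.214.113"))
```
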