Difference between revisions of "Whitelist"

From Fail2ban
Jump to: navigation, search
(Removed the mis-information and added the proper way to do whitelisting)
(Added config demonstrating CIDR ranges for all private networks.)
 
Line 9: Line 9:
 
                                                                          
 
                                                                          
 
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
 
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
 +
</pre>
 +
 +
<pre>
 +
# This will ignore connection coming from common private networks.
 +
# Note that local connections can come from other than just 127.0.0.1, so
 +
# this needs CIDR range too.
 +
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
 
</pre>
 
</pre>

Latest revision as of 12:04, 25 May 2010

Whitelisting

Whitelisting is setup in the jail.conf file using a space separated list.

[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                          
# ban a host which matches an address in this list. Several addresses can be                             
# defined using space separator.
                                                                         
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
# This will ignore connection coming from common private networks.
# Note that local connections can come from other than just 127.0.0.1, so
# this needs CIDR range too.
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16