:: Re: [DNG] nftables firewall and fai…
Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAntony Stone at <-
MBob Proulx at ->
Delete this message
Reply to this message
Author: Simon
Date:  
To: dng
Subject: Re: [DNG] nftables firewall and fail2ban replacement.
Antony Stone <Antony.Stone@???> wrote:

> The one feature I'd like to see on fail2ban is multi-server communication, so
> that if one of my machines has a reason to block an address, it tells all my
> others to block that address as well.

That’s also possible to “roll your own”. I was considering this at my last place, but never got round to doing it.
The only hard bit is messaging between machines, but my plan was to send a message to the outside router so it could block the address at the perimeter.

One thought I had was to use syslog to send certain messages to the router’s syslog so fail2ban could pick them up and apply rules.

Simon

This message was posted to the following mailing lists:
dng
Mailing List Info | Nearby Messages		<-Re: [DNG] [OT] bash / quote weirdnessRe: [DNG] [OT] bash / quote weirdness->

Donate to Dyne.org

dyne.org open discussions
administrated by dyne.org hackers		Lurker (version 2.3)