Difference between revisions of "Whitelist"

Revision as of 15:37, 12 May 2010

Whitelisting

Whitelisting is setup in the jail.conf file using a space separated list.

[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                          
# ban a host which matches an address in this list. Several addresses can be                             
# defined using space separator.
                                                                         
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8

@@ Line 1: / Line 1: @@
-'''Whitelisting'''
+=== Whitelisting ===
-Whitelisting of a single host for, lets say, courier-auth is NOT possible! and thats very bad ... and the README / Howto to whitelisting is very poor - and thats even worse ...
+Whitelisting is setup in the jail.conf file using a space separated list.
-The serversystem is Debian Etch, fail2ban according to apt-cache show:
+<pre>[DEFAULT]
+# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
+# ban a host which matches an address in this list. Several addresses can be
+# defined using space separator.
-I tried it with:
+ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8
-) /etc/fail2ban/jail.conf:
+</pre>
-[DEFAULT]
-ignoreip = 127.0.0.1, 82.198.214.113
-= no success
-global_whitelist = /etc/fail2ban/whitelist.txt
-= no success
-) /etc/fail2ban/jail.local:
-[DEFAULT]
-ignoreip = 127.0.0.1, 82.198.214.113
-= no success
-) /etc/fail2ban/fai2ban.conf:
-[Definition]
-ignoreip = 127.0.0.1, 82.198.214.113
-= no success
-Finally, I tried to set a "ignoreip"-Line in /etc/filter.d/courierauth, but with no success :-(
-As far as I can see, there is no simple solution to whitelist single hosts (or networks?).
-At the moment, we have de-activated fai2ban on our mailserver.
-Greetings
-Lars Behrens

Difference between revisions of "Whitelist"

Revision as of 15:37, 12 May 2010

Whitelisting

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Tools

Search