Re: Firewalld Dienst defekt auf 15.1

Am 13.06.20 um 14:27 schrieb Mathias Homann: ich denke, ja Status for the jail: dovecot |- Filter | |- Currently failed: 16 | |- Total failed: 5951 | `- Journal matches: _SYSTEMD_UNIT=dovecot.service `- Actions |- Currently banned: 19 |- Total banned: 75 `- Banned IP list: 212.70.149.18 46.38.145.248 46.38.145.249 87.246.7.70 212.70.149.2 46.38.145.250 46.38.145.251 46.38.145.252 46.38.145.6 46.38.145.254 46.38.145.4 46.38.145.5 46.38.150.190 46.38.150.191 212.70.149.34 46.38.150.153 46.38.150.142 46.38.145.253 46.38.150.188 2020-06-13 16:13:08,612 fail2ban.filter [1615]: INFO [dovecot] Found 212.70.149.2 - 2020-06-13 16:13:08 2020-06-13 16:13:10,358 fail2ban.filter [1615]: INFO [dovecot] Found 46.38.145.247 - 2020-06-13 16:13:10 2020-06-13 16:13:11,112 fail2ban.filter [1615]: INFO [dovecot] Found 46.38.150.188 - 2020-06-13 16:13:10 Und das zeigt mir, dass die Regeln nicht greifen: 2020-06-13 16:11:57,455 fail2ban.actions [1615]: WARNING [dovecot] 212.70.149.2 already banned iptables -L Chain f2b-dovecot (1 references) target prot opt source destination REJECT all -- 212.70.149.34 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.254 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.4 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.253 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.5 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.250 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.252 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.248 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.249 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.150.190 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.6 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.145.251 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.150.191 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.150.188 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.150.153 anywhere reject-with icmp-port-unreachable REJECT all -- 46.38.150.142 anywhere reject-with icmp-port-unreachable REJECT all -- net6-ip70.linkbg.com anywhere reject-with icmp-port-unreachable REJECT all -- 212.70.149.18 anywhere reject-with icmp-port-unreachable REJECT all -- 212.70.149.2 anywhere reject-with icmp-port-unreachable Für mich sieht das soweit ok aus, nur die firewalld rejected nicht. Die Regeln sind vorhanden, oder wie siehst Du das? Danke Andreas -- ae | Andreas Ernst | IT Spektrum Postfach 5, 65612 Beselich Schupbacher Str. 32, 65614 Beselich, Germany Tel: +49-6484-91002 Fax: +49-6484-91003 ae(a)ae-online.de | www.ae-online.de www.tachyon-online.de -- Um die Liste abzubestellen, schicken Sie eine Mail an: opensuse-de+unsubscribe(a)opensuse.org Um den Listen Administrator zu erreichen, schicken Sie eine Mail an: opensuse-de+owner(a)opensuse.org