Mailinglist Archive: opensuse-factory (826 mails)

< Previous Next >
Re: [opensuse-factory] Fail2ban 0.10.1 with IPv6 features in security/fail2ban
Johannes Weberhofer wrote:
I have just submitted fail2ban 0.10.1 to the security project. This
update brought a lot of changes which are documented in the changelog
and at https://github.com/fail2ban/fail2ban/blob/0.10/ChangeLog
Thank you. Good to know, that IPv6 is finally coming. Without IPv6
protection, a lot servers are unprotected against IPv6 clients.

My tests were successful but I can't test with IPv6. Please let me
know if you see any issues. I plan to submit the package to factory
next week.
My home Internet provider also does not offer IPv6. My idea is to test
in LAN. Usually every IPv6 capable host in LAN gets a link-local address
in network fe80::/64. So you can try to test with a local IPv6 address
to access e.g. password protected Apache folders multiple times until
Fail2ban fires.

Unfortunately I can run this with IPv4, but IPv6 gives me an error. Ideas?

IPv4 with 127.0.0.100 (an address in the localhost network)
$ wget --bind-address=127.0.0.100 http://localhost/mythweb
--2017-10-24 14:06:00-- http://localhost/mythweb
Resolving localhost (localhost)... 127.0.0.1, ::1
Connecting to localhost (localhost)|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 401 Unauthorized

Username/Password Authentication Failed.

IPv6 with fe80:0000:0000:0000:0000:0000:0000:000a (a link-local IPv6
address)
$ wget --bind-address=fe80:0000:0000:0000:0000:0000:0000:000a \
'http://[fe80:0000:0000:0000:0000:0000:0000:0001]/mythweb'
--2017-10-24 14:08:43--
http://[fe80:0000:0000:0000:0000:0000:0000:0001]/mythweb
Connecting to fe80:0000:0000:0000:0000:0000:0000:0001
(fe80:0000:0000:0000:0000:0000:0000:0001)|fe80::1|:80... failed: Invalid
argument.

Greetings,
Björn
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
References