1

Topic: Fail2Ban - IP's listed again

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.7 professional
- Linux/BSD distribution name and version: CentOS Linux 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? YES
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have added the Ip's to vi /etc/fail2ban/jail.conf as below

ignoreip = 127.0.0.1/8 161.47.34.7/32 173.203.2.22/32 108.166.43.128/32 204.232.172.40/32 146.20.86.8/32

But

The IP's are listed again in the IPtables

Chain f2b-postfix (1 references)
target     prot opt source               destination         
REJECT     all  --  212.11.162.172       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  204.232.172.40       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  203.197.141.207      0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  161.47.34.7          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  146.20.86.8          0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  114.35.123.164       0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  108.166.43.128       0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0           

How can I fix this permanantly.
Thanks
Shareef

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Fail2Ban - IP's listed again

Try to add it to /etc/fail2ban/jail.local. it will override settings in "jail.conf".