Add iptables quick drop entry

From snippet wiki

This just came up: fail2ban only works if the logging program reports the offending source IP. For a message such as "fatal: Read from socket failed: Connection reset by peer [preauth]", which names no address, it does not work.

To add a single IP manually:

iptables -A INPUT -s 222.186.x.y -j DROP

Then verify that the rule has been added:

 # iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh
DROP       all  --  222.186.x.y        anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
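
The manual step above as a small helper, added here as an example and not part of the original snippet: it refuses anything that is not a plain IPv4 address and skips the append when an identical rule already exists. The function names is_ipv4 and quick_drop are hypothetical, and 203.0.113.7 is a constructed documentation address.

```shell
#!/bin/sh
# Added example: validated, idempotent version of
#   iptables -A INPUT -s <ip> -j DROP
# Function names are hypothetical; run as root.

# Succeeds only for a dotted quad with four octets in 0-255.
# Rejects hostnames, option-like strings and leading zeros, so the
# value cannot be read as something other than one source address.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1          # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Appends a DROP rule for one source IP unless it is already present.
quick_drop() {
    ip=$1
    if ! is_ipv4 "$ip"; then
        echo "refusing: '$ip' is not a plain IPv4 address" >&2
        return 2
    fi
    # -C exits 0 when an identical rule is already in the chain.
    if iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
        echo "already dropped: $ip"
        return 0
    fi
    # -A appends to the end of INPUT, as in the command above.
    iptables -A INPUT -s "$ip" -j DROP
}

# Example call: sh quickdrop.sh 203.0.113.7   (constructed address)
[ "$#" -eq 0 ] || quick_drop "$1"
```

A rule added this way lives only in the running kernel tables and is gone after a reboot unless the ruleset is saved separately.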