I have a home server, and I just installed fail2ban for added security. It is successfully adding rules to my iptables, but I don't think the packets are actually being dropped. For example, I'll ssh into my work computer and ssh into my server, but type in bogus paswords. Then my work computer shows up in the iptables as shown below. However, even after that rule has been added, I can still ssh into my server. Perhaps I am misunderstanding something, but it seems that the iptables are not actually dropping the packets from my work computer. Any thoughts?
Output of iptables -L:
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-apache-proxy tcp -- anywhere anywhere multiport dports www,https
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-apache-proxy (1 references)
target prot opt source destination
DROP all -- 58.218.199.227 anywhere
DROP all -- 58.218.199.147 anywhere
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP all -- XXXXXX.sp.cs.cmu.edu anywhere
RETURN all -- anywhere anywhere
Bookmarks