rmi2
December 8th, 2013, 11:48 PM
Hi,
I just enabled ufw on my Ubuntu 12.04.
[10:32:42] [~]
-> # ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere
64740 ALLOW IN Anywhere
64739 ALLOW IN Anywhere
25565 ALLOW IN Anywhere
8888 ALLOW IN Anywhere
64553 ALLOW IN Anywhere
Anywhere DENY IN 78.58.199.xxx
The last IP is one I want to ban (because it bruteforces my ssh and fail2ban doesn't catch him as he's delaying his retries). Unfortunatly, it doesn't work:
netstat -atnp
[..]
tcp 0 0 5.45.xx.xxx:22 78.58.199.xxx:60895 ESTABLISHED 30076/sshd: root
[..]
He is still able to connect. Did I configure anything wrong?
Greetings,
rmi
I just enabled ufw on my Ubuntu 12.04.
[10:32:42] [~]
-> # ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere
64740 ALLOW IN Anywhere
64739 ALLOW IN Anywhere
25565 ALLOW IN Anywhere
8888 ALLOW IN Anywhere
64553 ALLOW IN Anywhere
Anywhere DENY IN 78.58.199.xxx
The last IP is one I want to ban (because it bruteforces my ssh and fail2ban doesn't catch him as he's delaying his retries). Unfortunatly, it doesn't work:
netstat -atnp
[..]
tcp 0 0 5.45.xx.xxx:22 78.58.199.xxx:60895 ESTABLISHED 30076/sshd: root
[..]
He is still able to connect. Did I configure anything wrong?
Greetings,
rmi