Tareas #6429

Vera baneada en Godel

Added by Daniel Viñar Ulriksen 3 months ago. Updated 3 months ago.

Status:ResueltaStart date:04/03/2020
Priority:NormalDue date:
Assignee:Daniel Viñar Ulriksen% Done:

80%

Category:-Spent time:-
Target version:-

Description

El fail2ban de Godel está baneando a Vera:

root@godel:# iptables -L
...
Chain fail2ban-postfix (1 references)
target     prot opt source               destination         
REJECT     all  --  162-144-42-107.unifiedlayer.com  anywhere             reject-with icmp-port-unreachable
REJECT     all  --  smtp-s07-c.vera.com.uy  anywhere             reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere
...

Víctor estuvo viendo ayer de agregar IPs Vera as la whitelist de las RBL de Zimbra (aplicando lo descrito en esta tarea: #5783). Pero esto es el fail2ban, no las rbl del zimbra.

History

#1 Updated by Daniel Viñar Ulriksen 3 months ago

  • Description updated (diff)
  • Status changed from Nueva to En curso
  • % Done changed from 0 to 30

Desbaneo la IP de Vera con:

root@godel:# host smtp-s07-c.vera.com.uy
smtp-s07-c.vera.com.uy has address 200.40.31.46
root@godel:# fail2ban-client set postfix unbanip 200.40.31.46
200.40.31.46

#2 Updated by Daniel Viñar Ulriksen 3 months ago

  • Status changed from En curso to Resuelta
  • % Done changed from 30 to 80

Y la agrego a la lista de IPs ignoradas por el fail2ban:

root@godel:# fail2ban-client set postfix addignoreip 200.40.31.46/32
These IP addresses/networks are ignored:
|- 127.0.0.1/8
|- 164.73.68.0/25
|- 164.73.98.0/24
|- 164.73.227.8/32
|- 164.73.212.3/32
|- 164.73.129.3/32
|- 164.73.128.50/32
|- 164.73.225.8/32
`- 200.40.31.46/32

Ver la lista de comandos fail2ban-client.

Also available in: Atom PDF